ILIAS Release_3_6_x_branch .rev 46809: classes/class.ilObjRoleGUI.php Source File

Go to the documentation of this file.
00001 <?php
00002 /*
00003         +-----------------------------------------------------------------------------+
00004         | ILIAS open source                                                           |
00005         +-----------------------------------------------------------------------------+
00006         | Copyright (c) 1998-2001 ILIAS open source, University of Cologne            |
00007         |                                                                             |
00008         | This program is free software; you can redistribute it and/or               |
00009         | modify it under the terms of the GNU General Public License                 |
00010         | as published by the Free Software Foundation; either version 2              |
00011         | of the License, or (at your option) any later version.                      |
00012         |                                                                             |
00013         | This program is distributed in the hope that it will be useful,             |
00014         | but WITHOUT ANY WARRANTY; without even the implied warranty of              |
00015         | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               |
00016         | GNU General Public License for more details.                                |
00017         |                                                                             |
00018         | You should have received a copy of the GNU General Public License           |
00019         | along with this program; if not, write to the Free Software                 |
00020         | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. |
00021         +-----------------------------------------------------------------------------+
00022 */
00023 
00024 
00038 require_once "class.ilObjectGUI.php";
00039 
00040 class ilObjRoleGUI extends ilObjectGUI
00041 {
00047         var $type;
00048 
00054         var $rolf_ref_id;
00055 
00056 
00057         var $ctrl;
00058  
00063         function ilObjRoleGUI($a_data,$a_id,$a_call_by_reference = false,$a_prepare_output = true)
00064         {
00065                 //TODO: move this to class.ilias.php
00066                 define("USER_FOLDER_ID",7);
00067 
00068                 // copy ref_id for later use.
00069                 if ($_GET['rolf_ref_id'] != "")
00070                 {
00071                         $this->rolf_ref_id = $_GET['rolf_ref_id'];
00072                 }
00073                 else
00074                 {
00075                         $this->rolf_ref_id = $_GET['ref_id'];
00076                 }
00077 
00078                 $this->type = "role";
00079                 $this->ilObjectGUI($a_data,$a_id,$a_call_by_reference,false);
00080                 $this->ctrl->saveParameter($this, array("obj_id", "rolf_ref_id"));
00081         }
00082 
00083 
00084         function &executeCommand()
00085         {
00086                 global $rbacsystem;
00087 
00088                 // todo: clean this mess up, but note that there are several
00089                 // points where roles can be edited:
00090                 // - repository categories, courses, groups, learning modules
00091                 // glossaries (see object.xml)
00092                 // - administration -> repository trash and permissions ->
00093                 //   item ->edit role
00094                 // - administration -> repository trash and permissions ->
00095                 //   role folder -> role
00096                 // - administration -> roles -> role
00097                 if($this->ctrl->getTargetScript() == 'repository.php' ||
00098                         $this->ctrl->getTargetScript() == 'role.php' ||
00099                         $this->ctrl->getTargetScript() == 'sahs_edit.php' ||
00100                         $this->ctrl->getTargetScript() == 'fblm_edit.php' ||
00101                         $this->ctrl->getTargetScript() == 'chat.php' ||
00102                         $this->ctrl->getTargetScript() == 'exercise.php' ||
00103                         $this->ctrl->getTargetScript() == 'mep_edit.php' ||
00104                         $this->ctrl->getTargetScript() == 'link_resources.php' ||
00105                         strtolower($_GET["baseClass"]) == 'illmeditorgui' ||
00106                         strtolower($_GET["baseClass"]) == 'ilobjsurveygui' ||
00107                         strtolower($_GET["baseClass"]) == 'ilobjsurveyquestionpoolgui' ||
00108                         strtolower($_GET["baseClass"]) == 'ilobjtestgui' ||
00109                         strtolower($_GET["baseClass"]) == 'ilobjquestionpoolgui' ||
00110                         strtolower($_GET["baseClass"]) == 'ilglossaryeditorgui' ||
00111                         $_GET["admin_mode"] == "repository")
00112                 {
00113                         $this->__prepareOutput();
00114                 }
00115                 else
00116                 {
00117                         if ($_GET["ref_id"] != SYSTEM_FOLDER_ID)
00118                         {
00119                                 $this->prepareOutput();
00120                         }
00121                         else
00122                         {
00123                                 $this->setAdminTabs();
00124                                 //$this->addAdminLocatorItems();
00125                                 //$tpl->setLocator();
00126                         }
00127                 }
00128 
00129                 $next_class = $this->ctrl->getNextClass($this);
00130                 $cmd = $this->ctrl->getCmd();
00131 
00132                 switch($next_class)
00133                 {
00134                         default:
00135                                 if(!$cmd)
00136                                 {
00137                                         $cmd = "perm";
00138                                 }
00139                                 $cmd .= "Object";
00140                                 $this->$cmd();
00141                                         
00142                                 break;
00143                 }
00144 
00145                 return true;
00146         }
00147         
00151         function setBackTarget($a_text, $a_link)
00152         {
00153                 $this->back_target = array("text" => $a_text,
00154                         "link" => $a_link);
00155         }
00156         
00160         function getAdminTabs(&$tabs_gui)
00161         {
00162                 $this->getTabs($tabs_gui);
00163         }
00164 
00165 
00166         function listDesktopItemsObject()
00167         {
00168                 global $rbacsystem,$rbacreview,$tree;
00169 
00170                 if(!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
00171                 {
00172                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00173                 }
00174 
00175                 if(!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
00176                         $this->rolf_ref_id != ROLE_FOLDER_ID)
00177                 {
00178                         sendInfo($this->lng->txt('role_no_users_no_desk_items'));
00179                         return true;
00180                 }
00181 
00182 
00183                 include_once './classes/class.ilRoleDesktopItem.php';
00184 
00185                 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
00186 
00187 
00188                 $this->__showButton('selectDesktopItem',$this->lng->txt('role_desk_add'));
00189                 if(!count($items = $role_desk_item_obj->getAll()))
00190                 {
00191                         sendInfo($this->lng->txt('role_desk_none_created'));
00192 
00193                         return true;
00194                 }
00195                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_list.html");
00196                 $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
00197                 $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.gif'));
00198                 $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
00199                 $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
00200                 $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
00201                 $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
00202                 $this->tpl->setVariable("IMG_ARROW",ilUtil::getImagePath('arrow_downright.gif'));
00203 
00204                 $counter = 0;
00205 
00206                 foreach($items as $role_item_id => $item)
00207                 {
00208                         $tmp_obj = ilObjectFactory::getInstanceByRefId($item['item_id']);
00209                         
00210                         if(strlen($desc = $tmp_obj->getDescription()))
00211                         {
00212                                 $this->tpl->setCurrentBlock("description");
00213                                 $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
00214                                 $this->tpl->parseCurrentBlock();
00215                         }
00216                         $this->tpl->setCurrentBlock("desk_row");
00217                         $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
00218                         $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
00219                         $this->tpl->setVariable("CHECK_DESK",ilUtil::formCheckBox(0,'del_desk_item[]',$role_item_id));
00220                         $this->tpl->setVariable("TXT_PATH",$this->lng->txt('path').':');
00221                         $this->tpl->setVariable("PATH",$this->__formatPath($tree->getPathFull($item['item_id'])));
00222                         $this->tpl->parseCurrentBlock();
00223                 }
00224 
00225                 return true;
00226         }
00227 
00228         function askDeleteDesktopItemObject()
00229         {
00230                 global $rbacsystem;
00231                 
00232                 if(!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
00233                 {
00234                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00235                 }
00236                 if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00237                 {
00238                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00239                 }
00240                 if(!count($_POST['del_desk_item']))
00241                 {
00242                         sendInfo($this->lng->txt('role_select_one_item'));
00243 
00244                         $this->listDesktopItemsObject();
00245 
00246                         return true;
00247                 }
00248                 sendInfo($this->lng->txt('role_sure_delete_desk_items'));
00249                 
00250                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_ask_delete_desktop_item.html");
00251                 $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
00252                 $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.gif'));
00253                 $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
00254                 $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
00255                 $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
00256                 $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
00257                 $this->tpl->setVariable("BTN_CANCEL",$this->lng->txt('cancel'));
00258 
00259                 include_once './classes/class.ilRoleDesktopItem.php';
00260 
00261                 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
00262 
00263                 $counter = 0;
00264 
00265                 foreach($_POST['del_desk_item'] as $role_item_id)
00266                 {
00267                         $item_data = $role_desk_item_obj->getItem($role_item_id);
00268                         $tmp_obj =& ilObjectFactory::getInstanceByRefId($item_data['item_id']);
00269 
00270                         if(strlen($desc = $tmp_obj->getDescription()))
00271                         {
00272                                 $this->tpl->setCurrentBlock("description");
00273                                 $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
00274                                 $this->tpl->parseCurrentBlock();
00275                         }
00276                         $this->tpl->setCurrentBlock("desk_row");
00277                         $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
00278                         $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
00279                         $this->tpl->parseCurrentBlock();
00280                 }
00281 
00282                 $_SESSION['role_del_desk_items'] = $_POST['del_desk_item'];
00283 
00284                 return true;
00285         }
00286 
00287         function deleteDesktopItemsObject()
00288         {
00289                 global $rbacsystem;
00290                 
00291                 if (!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
00292                 {
00293                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00294                 }
00295 
00296                 if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00297                 {
00298                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00299                 }
00300 
00301                 if (!count($_SESSION['role_del_desk_items']))
00302                 {
00303                         sendInfo($this->lng->txt('role_select_one_item'));
00304 
00305                         $this->listDesktopItemsObject();
00306 
00307                         return true;
00308                 }
00309 
00310                 include_once './classes/class.ilRoleDesktopItem.php';
00311 
00312                 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
00313 
00314                 foreach ($_SESSION['role_del_desk_items'] as $role_item_id)
00315                 {
00316                         $role_desk_item_obj->delete($role_item_id);
00317                 }
00318 
00319                 sendInfo($this->lng->txt('role_deleted_desktop_items'));
00320                 $this->listDesktopItemsObject();
00321 
00322                 return true;
00323         }
00324 
00325 
00326         function selectDesktopItemObject()
00327         {
00328                 global $rbacsystem,$tree;
00329 
00330                 include_once './classes/class.ilRoleDesktopItemSelector.php';
00331                 include_once './classes/class.ilRoleDesktopItem.php';
00332 
00333                 if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00334                 {
00335                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00336                 }
00337 
00338                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_selector.html");
00339                 $this->__showButton('listDesktopItems',$this->lng->txt('back'));
00340 
00341                 sendInfo($this->lng->txt("role_select_desktop_item"));
00342                 
00343                 $exp = new ilRoleDesktopItemSelector($this->ctrl->getLinkTarget($this,'selectDesktopItem'),
00344                                                                                          new ilRoleDesktopItem($this->object->getId()));
00345                 $exp->setExpand($_GET["role_desk_item_link_expand"] ? $_GET["role_desk_item_link_expand"] : $tree->readRootId());
00346                 $exp->setExpandTarget($this->ctrl->getLinkTarget($this,'selectDesktopItem'));
00347                 
00348                 $exp->setOutput(0);
00349                 
00350                 $this->tpl->setVariable("EXPLORER",$exp->getOutput());
00351 
00352                 return true;
00353         }
00354 
00355         function assignDesktopItemObject()
00356         {
00357                 global $rbacsystem;
00358 
00359                 if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00360                 {
00361                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00362 
00363                         return false;
00364                 }
00365         
00366                 if (!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
00367                 {
00368                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00369 
00370                         return false;
00371                 }
00372 
00373                 if (!isset($_GET['item_id']))
00374                 {
00375                         sendInfo($this->lng->txt('role_no_item_selected'));
00376                         $this->selectDesktopItemObject();
00377 
00378                         return false;
00379                 }
00380 
00381                 include_once './classes/class.ilRoleDesktopItem.php';
00382 
00383                 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
00384                 $role_desk_item_obj->add((int) $_GET['item_id'],ilObject::_lookupType((int) $_GET['item_id'],true));
00385 
00386                 sendInfo($this->lng->txt('role_assigned_desktop_item'));
00387 
00388                 $this->ctrl->redirect($this,'listDesktopItems');
00389                 return true;
00390         }
00391 
00392 
00396         function createObject()
00397         {
00398                 global $rbacsystem;
00399                 
00400                 if (!$rbacsystem->checkAccess('create_role', $this->rolf_ref_id))
00401                 {
00402                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00403                 }
00404 
00405                 $this->getTemplateFile("edit","role");
00406 
00407                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00408                 {
00409                         $this->tpl->setCurrentBlock("allow_register");
00410                         $allow_register = ($_SESSION["error_post_vars"]["Fobject"]["allow_register"]) ? "checked=\"checked\"" : "";
00411                         $this->tpl->setVariable("TXT_ALLOW_REGISTER",$this->lng->txt("allow_register"));
00412                         $this->tpl->setVariable("ALLOW_REGISTER",$allow_register);
00413                         $this->tpl->parseCurrentBlock();
00414 
00415                         $this->tpl->setCurrentBlock("assign_users");
00416                         $assign_users = $_SESSION["error_post_vars"]["Fobject"]["assign_users"] ? "checked=\"checked\"" : "";
00417                         $this->tpl->setVariable("TXT_ASSIGN_USERS",$this->lng->txt("allow_assign_users"));
00418                         $this->tpl->setVariable("ASSIGN_USERS",$assign_users);
00419                         $this->tpl->parseCurrentBlock();
00420                         
00421                         $this->tpl->setCurrentBlock("protect_permissions");
00422                         $protect_permissions = $_SESSION["error_post_vars"]["Fobject"]["protect_permissions"] ? "checked=\"checked\"" : "";
00423                         $this->tpl->setVariable("TXT_PROTECT_PERMISSIONS",$this->lng->txt("role_protect_permissions"));
00424                         $this->tpl->setVariable("PROTECT_PERMISSIONS",$protect_permissions);
00425                         $this->tpl->parseCurrentBlock();
00426                 }
00427 
00428                 // fill in saved values in case of error
00429                 $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($_SESSION["error_post_vars"]["Fobject"]["title"]),true);
00430                 $this->tpl->setVariable("DESC",ilUtil::stripSlashes($_SESSION["error_post_vars"]["Fobject"]["desc"]));
00431 
00432                 $this->tpl->setVariable("TXT_TITLE",$this->lng->txt("title"));
00433                 $this->tpl->setVariable("TXT_DESC",$this->lng->txt("desc"));
00434                 $this->ctrl->setParameter($this, "new_type", $this->type);
00435                 $this->tpl->setVariable("FORMACTION",
00436                         $this->ctrl->getFormAction($this));
00437                 $this->tpl->setVariable("TXT_HEADER", $this->lng->txt($this->type."_new"));
00438                 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
00439                 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt($this->type."_add"));
00440                 $this->tpl->setVariable("CMD_SUBMIT", "save");
00441                 $this->tpl->setVariable("TARGET", $this->getTargetFrame("save"));
00442                 $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
00443         }
00444 
00450         function saveObject()
00451         {
00452                 global $rbacsystem, $rbacadmin, $rbacreview;
00453 
00454                 // check for create role permission
00455                 if (!$rbacsystem->checkAccess("create_role",$this->rolf_ref_id))
00456                 {
00457                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_create_role"),$this->ilias->error_obj->MESSAGE);
00458                 }
00459 
00460                 // check required fields
00461                 if (empty($_POST["Fobject"]["title"]))
00462                 {
00463                         $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"),$this->ilias->error_obj->MESSAGE);
00464                 }
00465 
00466                 // check if role title is unique
00467                 if ($rbacreview->roleExists($_POST["Fobject"]["title"]))
00468                 {
00469                         $this->ilias->raiseError($this->lng->txt("msg_role_exists1")." '".ilUtil::stripSlashes($_POST["Fobject"]["title"])."' ".
00470                                                                          $this->lng->txt("msg_role_exists2"),$this->ilias->error_obj->MESSAGE);
00471                 }
00472                 
00473                 // check if role title has il_ prefix
00474                 if (substr($_POST["Fobject"]["title"],0,3) == "il_")
00475                 {
00476                         $this->ilias->raiseError($this->lng->txt("msg_role_reserved_prefix"),$this->ilias->error_obj->MESSAGE);
00477                 }
00478 
00479                 // save
00480                 include_once("class.ilObjRole.php");
00481                 $roleObj = new ilObjRole();
00482                 $roleObj->setTitle(ilUtil::stripSlashes($_POST["Fobject"]["title"]));
00483                 $roleObj->setDescription(ilUtil::stripSlashes($_POST["Fobject"]["desc"]));
00484                 $roleObj->setAllowRegister($_POST["Fobject"]["allow_register"]);
00485                 $roleObj->toggleAssignUsersStatus($_POST["Fobject"]["assign_users"]);
00486                 $roleObj->create();
00487                 $rbacadmin->assignRoleToFolder($roleObj->getId(), $this->rolf_ref_id,'y');
00488                 $rbacadmin->setProtected($this->rolf_ref_id,$roleObj->getId(),ilUtil::tf2yn($_POST["Fobject"]["protect_permissions"])); 
00489                 sendInfo($this->lng->txt("role_added"),true);
00490 
00491                 $this->ctrl->returnToParent($this);
00492         }
00493 
00499         function permObject()
00500         {
00501                 global $rbacadmin, $rbacreview, $rbacsystem, $objDefinition, $tree;
00502 
00503                 // for role administration check visible,write of global role folder
00504                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00505                 {
00506                         $access = $rbacsystem->checkAccess('visible,write',$this->rolf_ref_id);
00507                 }
00508                 else    // for local roles check 'edit permission' of parent object of the local role folder
00509                 {
00510                         $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
00511                 }
00512                         
00513                 if (!$access)
00514                 {
00515                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
00516                 }
00517                 
00518                 $perm_def = $this->object->__getPermissionDefinitions();
00519 
00520                 $rbac_objects =& $perm_def[0];
00521                 $rbac_operations =& $perm_def[1];
00522 
00523                 foreach ($rbac_objects as $key => $obj_data)
00524                 {
00525                         $rbac_objects[$key]["name"] = $this->lng->txt("obj_".$obj_data["type"]);
00526                         $rbac_objects[$key]["ops"] = $rbac_operations[$key];
00527                 }
00528                 
00529                 // for local roles display only the permissions settings for allowed subobjects
00530                 if ($this->rolf_ref_id != ROLE_FOLDER_ID)
00531                 {
00532                         // first get object in question (parent of role folder object)
00533                         $parent_data = $this->tree->getParentNodeData($this->rolf_ref_id);
00534                         // get allowed subobjects of object recursively
00535                         $subobj_data = $this->objDefinition->getSubObjectsRecursively($parent_data["type"]);
00536 
00537                         // remove not allowed object types from array but keep the type definition of object itself
00538                         foreach ($rbac_objects as $key => $obj_data)
00539                         {
00540                                 if ($obj_data["type"] == "rolf")
00541                                 {
00542                                         unset($rbac_objects[$key]);
00543                                         continue;
00544                                 }
00545                                 
00546                                 if (!$subobj_data[$obj_data["type"]] and $parent_data["type"] != $obj_data["type"])
00547                                 {
00548                                         unset($rbac_objects[$key]);
00549                                 }
00550                         }
00551                 } // end if local roles
00552                 
00553                 // now sort computed result
00554                 sort($rbac_objects);
00555                         
00556                 foreach ($rbac_objects as $key => $obj_data)
00557                 {
00558                         sort($rbac_objects[$key]["ops"]);
00559                 }
00560                 
00561                 // sort by (translated) name of object type
00562                 $rbac_objects = ilUtil::sortArray($rbac_objects,"name","asc");
00563 
00564                 // BEGIN CHECK_PERM
00565                 foreach ($rbac_objects as $key => $obj_data)
00566                 {
00567                         $arr_selected = $rbacreview->getOperationsOfRole($this->object->getId(), $obj_data["type"], $this->rolf_ref_id);
00568                         $arr_checked = array_intersect($arr_selected,array_keys($rbac_operations[$obj_data["obj_id"]]));
00569 
00570                         foreach ($rbac_operations[$obj_data["obj_id"]] as $operation)
00571                         {
00572                                 // check all boxes for system role
00573                                 if ($this->object->getId() == SYSTEM_ROLE_ID)
00574                                 {
00575                                         $checked = true;
00576                                         $disabled = true;
00577                                 }
00578                                 else
00579                                 {
00580                                         $checked = in_array($operation["ops_id"],$arr_checked);
00581                                         $disabled = false;
00582                                 }
00583 
00584                                 // Es wird eine 2-dim Post Variable �bergeben: perm[rol_id][ops_id]
00585                                 $box = ilUtil::formCheckBox($checked,"template_perm[".$obj_data["type"]."][]",$operation["ops_id"],$disabled);
00586                                 $output["perm"][$obj_data["obj_id"]][$operation["ops_id"]] = $box;
00587                         }
00588                 }
00589                 // END CHECK_PERM
00590 
00591                 $output["col_anz"] = count($rbac_objects);
00592                 $output["txt_save"] = $this->lng->txt("save");
00593                 $output["check_bottom"] = ilUtil::formCheckBox(0,"recursive",1);
00594                 $output["message_table"] = $this->lng->txt("change_existing_objects");
00595                 
00596                 $protected_disabled = true;
00597                 
00598                 if ($this->rolf_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id))
00599                 {
00600                         $protected_disabled = false;
00601                 }
00602                 
00603                 $output["check_protected"] = ilUtil::formCheckBox($rbacreview->isProtected($this->rolf_ref_id,$this->object->getId()),
00604                                                                                                                         "protected",
00605                                                                                                                         1,
00606                                                                                                                         $protected_disabled);
00607                 
00608                 $output["text_protected"] = $this->lng->txt("role_protect_permissions");
00609 
00610 
00611 /************************************/
00612 /*              adopt permissions form          */
00613 /************************************/
00614 
00615                 $output["message_middle"] = $this->lng->txt("adopt_perm_from_template");
00616 
00617                 // send message for system role
00618                 if ($this->object->getId() == SYSTEM_ROLE_ID)
00619                 {
00620                         $output["adopt"] = array();
00621                         $output["sysrole_msg"] = $this->lng->txt("msg_sysrole_not_editable");
00622                 }
00623                 else
00624                 {
00625                         // BEGIN ADOPT_PERMISSIONS
00626                         $parent_role_ids = $rbacreview->getParentRoleIds($this->rolf_ref_id,true);
00627 
00628                         // Sort roles by title
00629                         $sorted_roles = ilUtil::sortArray(array_values($parent_role_ids), 'title', ASC);
00630                         $key = 0;
00631                         foreach ($sorted_roles as $par)
00632                         {
00633                                 if ($par["obj_id"] != SYSTEM_ROLE_ID)
00634                                 {
00635                                         $radio = ilUtil::formRadioButton(0,"adopt",$par["obj_id"]);
00636                                         $output["adopt"][$key]["css_row_adopt"] = ($key % 2 == 0) ? "tblrow1" : "tblrow2";
00637                                         $output["adopt"][$key]["check_adopt"] = $radio;
00638                                         $output["adopt"][$key]["role_id"] = $par["obj_id"];
00639                                         $output["adopt"][$key]["type"] = ($par["type"] == 'role' ? 'Role' : 'Template');
00640                                         $output["adopt"][$key]["role_name"] = $par["title"];
00641                                 }
00642                                 $key++;
00643                         }
00644 
00645                         $output["formaction_adopt"] = $this->ctrl->getFormAction($this);
00646                         // END ADOPT_PERMISSIONS
00647                 }
00648 
00649                 $output["formaction"] = $this->ctrl->getFormAction($this);
00650 
00651                 $this->data = $output;
00652 
00653 
00654 /************************************/
00655 /*                      generate output                 */
00656 /************************************/
00657 
00658                 $this->tpl->addBlockfile('ADM_CONTENT','adm_content','tpl.adm_perm_role.html');
00659 
00660                 foreach ($rbac_objects as $obj_data)
00661                 {
00662                         // BEGIN object_operations
00663                         $this->tpl->setCurrentBlock("object_operations");
00664 
00665                         $ops_ids = "";
00666 
00667                         foreach ($obj_data["ops"] as $operation)
00668                         {
00669                                 $ops_ids[] = $operation["ops_id"];
00670                                 
00671                                 $css_row = ilUtil::switchColor($key, "tblrow1", "tblrow2");
00672                                 $this->tpl->setVariable("CSS_ROW",$css_row);
00673                                 $this->tpl->setVariable("PERMISSION",$operation["name"]);
00674                                 if (substr($operation["title"], 0, 7) == "create_")
00675                                 {
00676                                         if ($this->objDefinition->getDevMode(substr($operation["title"], 7, strlen($operation["title"]) -7)))
00677                                         {
00678                                                 $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_implemented_yet").")");
00679                                         }
00680                                 }
00681                                 $this->tpl->setVariable("CHECK_PERMISSION",$this->data["perm"][$obj_data["obj_id"]][$operation["ops_id"]]);
00682                                 $this->tpl->setVariable("LABEL_ID","template_perm_".$obj_data["type"]."_".$operation["ops_id"]);
00683                                 $this->tpl->parseCurrentBlock();
00684                         } // END object_operations
00685 
00686                         // BEGIN object_type
00687                         $this->tpl->setCurrentBlock("object_type");
00688                         $this->tpl->setVariable("TXT_OBJ_TYPE",$obj_data["name"]);
00689 
00690 // TODO: move this if in a function and query all objects that may be disabled or inactive
00691                         if ($this->objDefinition->getDevMode($obj_data["type"]))
00692                         {
00693                                 $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_implemented_yet").")");
00694                         }
00695                         else if ($obj_data["type"] == "icrs" and !$this->ilias->getSetting("ilinc_active"))
00696                         {
00697                                 $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_enabled_or_configured").")");
00698                         }
00699                         
00700                         // js checkbox toggles
00701                         $this->tpl->setVariable("JS_VARNAME","template_perm_".$obj_data["type"]);
00702                         $this->tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($ops_ids));
00703                         $this->tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
00704                         $this->tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));                      
00705                         
00706                         $this->tpl->parseCurrentBlock();
00707                         // END object_type
00708                 }
00709 
00710                 // don't display adopt permissions form for system role
00711                 if ($this->object->getId() != SYSTEM_ROLE_ID)
00712                 {
00713                         // BEGIN ADOPT PERMISSIONS
00714                         foreach ($this->data["adopt"] as $key => $value)
00715                         {
00716                                 $this->tpl->setCurrentBlock("ADOPT_PERM_ROW");
00717                                 $this->tpl->setVariable("CSS_ROW_ADOPT",$value["css_row_adopt"]);
00718                                 $this->tpl->setVariable("CHECK_ADOPT",$value["check_adopt"]);
00719                                 $this->tpl->setVariable("LABEL_ID",$value["role_id"]);
00720                                 $this->tpl->setVariable("TYPE",$value["type"]);
00721                                 $this->tpl->setVariable("ROLE_NAME",$value["role_name"]);
00722                                 $this->tpl->parseCurrentBlock();
00723                         }
00724                         
00725                         $this->tpl->setCurrentBlock("ADOPT_PERM_FORM");
00726                         $this->tpl->setVariable("MESSAGE_MIDDLE",$this->data["message_middle"]);
00727                         $this->tpl->setVariable("FORMACTION_ADOPT",$this->data["formaction_adopt"]);
00728                         $this->tpl->parseCurrentBlock();
00729                         // END ADOPT PERMISSIONS
00730                 
00731                         $this->tpl->setCurrentBlock("tblfooter_recursive");
00732                         $this->tpl->setVariable("COL_ANZ",3);
00733                         $this->tpl->setVariable("CHECK_BOTTOM",$this->data["check_bottom"]);
00734                         $this->tpl->setVariable("MESSAGE_TABLE",$this->data["message_table"]);
00735                         $this->tpl->parseCurrentBlock();
00736                         
00737                         $this->tpl->setCurrentBlock("tblfooter_protected");
00738                         $this->tpl->setVariable("COL_ANZ",3);
00739                         $this->tpl->setVariable("CHECK_BOTTOM",$this->data["check_protected"]);
00740                         $this->tpl->setVariable("MESSAGE_TABLE",$this->data["text_protected"]);
00741                         $this->tpl->parseCurrentBlock();
00742 
00743                         $this->tpl->setCurrentBlock("tblfooter_standard");
00744                         $this->tpl->setVariable("COL_ANZ_PLUS",4);
00745                         $this->tpl->setVariable("TXT_SAVE",$this->data["txt_save"]);
00746                         $this->tpl->parseCurrentBlock();
00747                 }
00748                 else
00749                 {
00750                         // display form buttons not for system role
00751                         $this->tpl->setCurrentBlock("tblfooter_sysrole");
00752                         $this->tpl->setVariable("COL_ANZ_SYS",3);
00753                         $this->tpl->parseCurrentBlock();
00754 
00755                         // display sysrole_msg
00756                         $this->tpl->setCurrentBlock("sysrole_msg");
00757                         $this->tpl->setVariable("TXT_SYSROLE_MSG",$this->data["sysrole_msg"]);
00758                         $this->tpl->parseCurrentBlock();
00759                 }
00760                 
00761                 $this->tpl->setCurrentBlock("adm_content");
00762                 $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath("icon_".$this->object->getType().".gif"));
00763                 $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt($this->object->getType()));
00764                 $this->tpl->setVariable("TBL_HELP_IMG",ilUtil::getImagePath("icon_help.gif"));
00765                 $this->tpl->setVariable("TBL_HELP_LINK","tbl_help.php");
00766                 $this->tpl->setVariable("TBL_HELP_IMG_ALT",$this->lng->txt("help"));
00767                 
00768                 // compute additional information in title
00769                 $global_roles = $rbacreview->getGlobalRoles();
00770                 
00771                 if (in_array($this->object->getId(),$global_roles))
00772                 {
00773                         $desc = "global";
00774                 }
00775                 else
00776                 {
00777                         // description for autogenerated roles
00778                         $rolf = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
00779                         $parent_node = $this->tree->getParentNodeData($rolf[0]);
00780 
00781                         $desc = $this->lng->txt("obj_".$parent_node['type'])." (#".$parent_node['obj_id'].") : ".$parent_node['title'];
00782                 }
00783                 
00784                 $description = "<br/>&nbsp;<span class=\"small\">".$desc."</span>";
00785 
00786                 // translation for autogenerated roles
00787                 if (substr($this->object->getTitle(),0,3) == "il_")
00788                 {
00789                         $title = ilObjRole::_getTranslation($this->object->getTitle())." (".$this->object->getTitle().")";
00790                 }
00791                 else
00792                 {
00793                         $title = $this->object->getTitle();
00794                 }
00795                                 
00796                 $this->tpl->setVariable("TBL_TITLE",$title.$description);
00797         
00798                 $this->tpl->setVariable("TXT_PERMISSION",$this->data["txt_permission"]);
00799                 $this->tpl->setVariable("FORMACTION",$this->data["formaction"]);
00800                 $this->tpl->parseCurrentBlock();
00801                 
00802                 //var_dump($this->data["formaction"]);
00803         }
00804 
00810         function permSaveObject()
00811         {
00812                 global $rbacsystem, $rbacadmin, $rbacreview, $objDefinition, $tree;
00813 
00814                 // for role administration check write of global role folder
00815                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00816                 {
00817                         $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
00818                 }
00819                 else    // for local roles check 'edit permission' of parent object of the local role folder
00820                 {
00821                         $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
00822                 }
00823                         
00824                 if (!$access)
00825                 {
00826                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
00827                 }
00828 
00829                 // delete all template entries
00830                 $rbacadmin->deleteRolePermission($this->object->getId(), $this->rolf_ref_id);
00831 
00832                 if (empty($_POST["template_perm"]))
00833                 {
00834                         $_POST["template_perm"] = array();
00835                 }
00836 
00837                 foreach ($_POST["template_perm"] as $key => $ops_array)
00838                 {
00839                         // sets new template permissions
00840                         $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->rolf_ref_id);
00841                 }
00842 
00843                 // update object data entry (to update last modification date)
00844                 $this->object->update();
00845 
00846                 // CHANGE ALL EXISTING OBJECT UNDER PARENT NODE OF ROLE FOLDER
00847                 // BUT DON'T CHANGE PERMISSIONS OF SUBTREE OBJECTS IF INHERITANCE WAS STOPPED
00848                 if ($_POST["recursive"])
00849                 {
00850                         // IF ROLE IS A GLOBAL ROLE START AT ROOT
00851                         if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00852                         {
00853                                 $node_id = ROOT_FOLDER_ID;
00854                         }
00855                         else
00856                         {
00857                                 $node_id = $this->tree->getParentId($this->rolf_ref_id);
00858                         }
00859 
00860                         // GET ALL SUBNODES
00861                         $node_data = $this->tree->getNodeData($node_id);
00862                         $subtree_nodes = $this->tree->getSubTree($node_data);
00863 
00864                         // GET ALL OBJECTS THAT CONTAIN A ROLE FOLDER
00865                         $all_parent_obj_of_rolf = $rbacreview->getObjectsWithStopedInheritance($this->object->getId());
00866 
00867                         // DELETE ACTUAL ROLE FOLDER FROM ARRAY
00868                         if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00869                         {
00870                                 $key = array_keys($all_parent_obj_of_rolf,SYSTEM_FOLDER_ID);
00871                         }
00872                         else
00873                         {
00874                                 $key = array_keys($all_parent_obj_of_rolf,$node_id);
00875                         }
00876 
00877                         unset($all_parent_obj_of_rolf[$key[0]]);
00878 
00879                         $check = false;
00880 
00881                         foreach ($subtree_nodes as $node)
00882                         {
00883                                 if (!$check)
00884                                 {
00885                                         if (in_array($node["child"],$all_parent_obj_of_rolf))
00886                                         {
00887                                                 $lft = $node["lft"];
00888                                                 $rgt = $node["rgt"];
00889                                                 $check = true;
00890                                                 continue;
00891                                         }
00892 
00893                                         $valid_nodes[] = $node;
00894                                 }
00895                                 else
00896                                 {
00897                                         if (($node["lft"] > $lft) && ($node["rgt"] < $rgt))
00898                                         {
00899                                                 continue;
00900                                         }
00901                                         else
00902                                         {
00903                                                 $check = false;
00904                                                 
00905                                                 if (in_array($node["child"],$all_parent_obj_of_rolf))
00906                                                 {
00907                                                         $lft = $node["lft"];
00908                                                         $rgt = $node["rgt"];
00909                                                         $check = true;
00910                                                         continue;
00911                                                 }
00912                                                 
00913                                                 $valid_nodes[] = $node;
00914                                         }
00915                                 }
00916                         }
00917 
00918                         // prepare arrays for permission settings below
00919                         foreach ($valid_nodes as $key => $node)
00920                         {
00921                                 #if(!in_array($node["type"],$to_filter))
00922                                 {
00923                                         $node_ids[] = $node["child"];
00924                                         $valid_nodes[$key]["perms"] = $_POST["template_perm"][$node["type"]];
00925                                 }
00926                         }
00927                         
00928                         // FIRST REVOKE PERMISSIONS FROM ALL VALID OBJECTS
00929                         $rbacadmin->revokePermissionList($node_ids,$this->object->getId());
00930 
00931                         // NOW SET ALL PERMISSIONS
00932                         foreach ($valid_nodes as $node)
00933                         {
00934                                 if (is_array($node["perms"]))
00935                                 {
00936                                         $rbacadmin->grantPermission($this->object->getId(),$node["perms"],$node["child"]);
00937                                 }
00938                         }
00939                 }// END IF RECURSIVE
00940                 
00941                 // set protected flag
00942                 if ($this->rolf_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id))
00943                 {
00944                         $rbacadmin->setProtected($this->rolf_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST['protected']));
00945                 }
00946 
00947                 sendInfo($this->lng->txt("saved_successfully"),true); 
00948                 $this->ctrl->redirect($this, "perm");
00949         }
00950 
00951 
00957         function adoptPermSaveObject()
00958         {
00959                 global $rbacadmin, $rbacsystem, $rbacreview, $tree;
00960 
00961                 // for role administration check write of global role folder
00962                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00963                 {
00964                         $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
00965                 }
00966                 else    // for local roles check 'edit permission' of parent object of the local role folder
00967                 {
00968                         $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
00969                 }
00970                         
00971                 if (!$access)
00972                 {
00973                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
00974                 }
00975 
00976                 if ($this->object->getId() == $_POST["adopt"])
00977                 {
00978                         sendInfo($this->lng->txt("msg_perm_adopted_from_itself"),true);
00979                 }
00980                 else
00981                 {
00982                         $rbacadmin->deleteRolePermission($this->object->getId(), $this->rolf_ref_id);
00983                         $parentRoles = $rbacreview->getParentRoleIds($this->rolf_ref_id,true);
00984                         $rbacadmin->copyRolePermission($_POST["adopt"],$parentRoles[$_POST["adopt"]]["parent"],
00985                                                                                    $this->rolf_ref_id,$this->object->getId());          
00986 
00987                         // update object data entry (to update last modification date)
00988                         $this->object->update();
00989 
00990                         // send info
00991                         $obj_data =& $this->ilias->obj_factory->getInstanceByObjId($_POST["adopt"]);
00992                         sendInfo($this->lng->txt("msg_perm_adopted_from1")." '".$obj_data->getTitle()."'.<br/>".
00993                                          $this->lng->txt("msg_perm_adopted_from2"),true);
00994                 }
00995 
00996                 $this->ctrl->redirect($this, "perm");
00997         }
00998 
01004         function assignSaveObject()
01005         {
01006         $this->assignUserObject();
01007     }
01008 
01014         function assignUserObject()
01015         {
01016         global $rbacsystem, $rbacadmin, $rbacreview;
01017 
01018                 if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01019                 {
01020                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01021                 }
01022 
01023                 if (!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
01024                         $this->rolf_ref_id != ROLE_FOLDER_ID)
01025                 {
01026                         $this->ilias->raiseError($this->lng->txt("err_role_not_assignable"),$this->ilias->error_obj->MESSAGE);
01027                 }
01028 
01029                 if (!$rbacsystem->checkAccess('write',$this->rolf_ref_id))
01030                 {
01031                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
01032                 }
01033 
01034                 if (!isset($_POST["user"]))
01035                 {
01036                         sendInfo($this->lng->txt("no_checkbox"));
01037                         $this->searchObject();
01038 
01039                         return false;
01040                 }
01041                 
01042                 $selected_users = $_POST["user"];
01043                 $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
01044                                 
01045                 // users to assign
01046                 $assigned_users_new = array_diff($selected_users,array_intersect($selected_users,$assigned_users_all));
01047                 
01048                 // selected users all already assigned. stop
01049         if (count($assigned_users_new) == 0)
01050                 {
01051                         sendInfo($this->lng->txt("msg_selected_users_already_assigned"));
01052                         $this->searchObject();
01053                         
01054                         return false;
01055                 }
01056 
01057                 // assign new users
01058         foreach ($assigned_users_new as $user)
01059                 {
01060                         $rbacadmin->assignUser($this->object->getId(),$user,false);
01061         }
01062         
01063         // update session for newly assigned users online
01064         $this->object->_updateSessionRoles($assigned_users_new);
01065 
01066         // update object data entry (to update last modification date)
01067                 $this->object->update();
01068 
01069                 sendInfo($this->lng->txt("msg_userassignment_changed"),true);
01070                 
01071                 $this->ctrl->redirect($this,'userassignment');
01072         }
01073         
01079         function deassignUserObject()
01080         {
01081         global $rbacsystem, $rbacadmin, $rbacreview;
01082 
01083                 if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01084                 {
01085                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01086                 }
01087 
01088                 if (!$rbacsystem->checkAccess('write',$this->rolf_ref_id))
01089                 {
01090                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
01091                 }
01092                 
01093         $selected_users = ($_POST["user_id"]) ? $_POST["user_id"] : array($_GET["user_id"]);
01094 
01095                 if ($selected_users[0]=== NULL)
01096                 {
01097                         $this->ilias->raiseError($this->lng->txt("no_checkbox"),$this->ilias->error_obj->MESSAGE);
01098                 }
01099 
01100                 // prevent unassignment of system user from system role
01101                 if ($this->object->getId() == SYSTEM_ROLE_ID)
01102                 {
01103             if ($admin = array_search(SYSTEM_USER_ID,$selected_users) !== false)
01104                             unset($selected_users[$admin]);
01105                 }
01106 
01107                 // check for each user if the current role is his last global role before deassigning him
01108                 $last_role = array();
01109                 $global_roles = $rbacreview->getGlobalRoles();
01110                 
01111                 foreach ($selected_users as $user)
01112                 {
01113                         $assigned_roles = $rbacreview->assignedRoles($user);
01114                         $assigned_global_roles = array_intersect($assigned_roles,$global_roles);
01115 
01116                         if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(),$assigned_global_roles)))
01117                         {
01118                                 $userObj = $this->ilias->obj_factory->getInstanceByObjId($user);
01119                                 $last_role[$user] = $userObj->getFullName();
01120                                 unset($userObj);
01121                         }
01122                 }
01123 
01124                 // raise error if last role was taken from a user...
01125                 if (count($last_role) > 0)
01126                 {
01127                         $user_list = implode(", ",$last_role);
01128                         $this->ilias->raiseError($this->lng->txt("msg_is_last_role").": ".$user_list."<br/>".$this->lng->txt("msg_min_one_role")."<br/>".$this->lng->txt("action_aborted"),$this->ilias->error_obj->MESSAGE);
01129                 }
01130                 
01131                 // ... else perform deassignment
01132                 foreach ($selected_users as $user)
01133         {
01134                         $rbacadmin->deassignUser($this->object->getId(),$user);
01135                 }
01136 
01137         // update session for newly assigned users online
01138         $this->object->_updateSessionRoles($selected_users);
01139 
01140         // update object data entry (to update last modification date)
01141                 $this->object->update();
01142 
01143                 sendInfo($this->lng->txt("msg_userassignment_changed"),true);
01144 
01145                 $this->ctrl->redirect($this,'userassignment');
01146         }
01147         
01153         function updateObject()
01154         {
01155                 global $rbacsystem, $rbacreview, $rbacadmin, $tree;
01156 
01157                 // for role administration check write of global role folder
01158                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
01159                 {
01160                         $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
01161                 }
01162                 else    // for local roles check 'edit permission' of parent object of the local role folder
01163                 {
01164                         $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
01165                 }
01166                         
01167                 if (!$access)
01168                 {
01169                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_modify_role"),$this->ilias->error_obj->MESSAGE);
01170                 }
01171 
01172                 if (substr($this->object->getTitle(),0,3) != "il_")
01173                 {
01174                         // check required fields
01175                         if (empty($_POST["Fobject"]["title"]))
01176                         {
01177                                 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"),$this->ilias->error_obj->MESSAGE);
01178                         }
01179         
01180                         // check if role title has il_ prefix
01181                         if (substr($_POST["Fobject"]["title"],0,3) == "il_")
01182                         {
01183                                 $this->ilias->raiseError($this->lng->txt("msg_role_reserved_prefix"),$this->ilias->error_obj->MESSAGE);
01184                         }
01185         
01186                         // check if role title is unique
01187                         if ($rbacreview->roleExists($_POST["Fobject"]["title"],$this->object->getId()))
01188                         {
01189                                 $this->ilias->raiseError($this->lng->txt("msg_role_exists1")." '".ilUtil::stripSlashes($_POST["Fobject"]["title"])."' ".
01190                                                                                  $this->lng->txt("msg_role_exists2"),$this->ilias->error_obj->MESSAGE);
01191                         }
01192 
01193                         // update
01194                         $this->object->setTitle(ilUtil::stripSlashes($_POST["Fobject"]["title"]));
01195                         $this->object->setDescription(ilUtil::stripSlashes($_POST["Fobject"]["desc"]));
01196                 }
01197 
01198 
01199                 
01200                 // ensure that at least one role is available in the new user register form if registration is enabled
01201                 if ($_POST["Fobject"]["allow_register"] == "")
01202                 {
01203                         $roles_allowed = $this->object->_lookupRegisterAllowed();
01204 
01205                         if (count($roles_allowed) == 1 and $roles_allowed[0]['id'] == $this->object->getId())
01206                         {
01207                                 $this->ilias->raiseError($this->lng->txt("msg_last_role_for_registration"),$this->ilias->error_obj->MESSAGE);
01208                         }       
01209                 }
01210 
01211                 $this->object->setAllowRegister($_POST["Fobject"]["allow_register"]);
01212                 $this->object->toggleAssignUsersStatus($_POST["Fobject"]["assign_users"]);
01213                 $rbacadmin->setProtected($this->rolf_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST["Fobject"]["protect_permissions"]));    
01214                 $this->object->update();
01215                 
01216                 sendInfo($this->lng->txt("saved_successfully"),true);
01217 
01218                 $this->ctrl->redirect($this,'edit');
01219         }
01220         
01226         function editObject()
01227         {
01228                 global $rbacsystem, $rbacreview;
01229 
01230                 if (!$rbacsystem->checkAccess("write", $this->rolf_ref_id))
01231                 {
01232                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_write"),$this->ilias->error_obj->MESSAGE);
01233                 }
01234 
01235                 $this->getTemplateFile("edit");
01236 
01237                 if ($_SESSION["error_post_vars"])
01238                 {
01239                         // fill in saved values in case of error
01240                         if (substr($this->object->getTitle(false),0,3) != "il_")
01241                         {
01242                                 $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($_SESSION["error_post_vars"]["Fobject"]["title"]),true);
01243                                 $this->tpl->setVariable("DESC",ilUtil::stripSlashes($_SESSION["error_post_vars"]["Fobject"]["desc"]));
01244                         }
01245                 
01246                         $allow_register = ($_SESSION["error_post_vars"]["Fobject"]["allow_register"]) ? "checked=\"checked\"" : "";
01247                         $assign_users = ($_SESSION["error_post_vars"]["Fobject"]["assign_users"]) ? "checked=\"checked\"" : "";
01248                         $protect_permissions = ($_SESSION["error_post_vars"]["Fobject"]["protect_permissions"]) ? "checked=\"checked\"" : "";
01249                 }
01250                 else
01251                 {
01252                         if (substr($this->object->getTitle(),0,3) != "il_")
01253                         {
01254                                 $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($this->object->getTitle()));
01255                                 $this->tpl->setVariable("DESC",ilUtil::stripSlashes($this->object->getDescription()));
01256                         }
01257 
01258                         $allow_register = ($this->object->getAllowRegister()) ? "checked=\"checked\"" : "";
01259                         $assign_users = $this->object->getAssignUsersStatus() ? "checked=\"checked\"" : "";
01260                         $protect_permissions = $rbacreview->isProtected($this->rolf_ref_id,$this->object->getId()) ? "checked=\"checked\"" : "";
01261 
01262                 }
01263 
01264                 $obj_str = "&obj_id=".$this->obj_id;
01265 
01266                 $this->tpl->setVariable("TXT_TITLE",$this->lng->txt("title"));
01267                 $this->tpl->setVariable("TXT_DESC",$this->lng->txt("desc"));
01268                 
01269                 // exclude allow register option for anonymous role, system role and all local roles
01270                 $global_roles = $rbacreview->getGlobalRoles();
01271 
01272                 $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01273                 $this->tpl->setVariable("TXT_HEADER", $this->lng->txt($this->object->getType()."_edit"));
01274                 $this->tpl->setVariable("TARGET", $this->getTargetFrame("update"));
01275                 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
01276                 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
01277                 $this->tpl->setVariable("CMD_SUBMIT", "update");
01278                 $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
01279                 
01280                 if (substr($this->object->getTitle(),0,3) == "il_")
01281                 {
01282                         $this->tpl->setVariable("SHOW_TITLE",ilObjRole::_getTranslation($this->object->getTitle())." (".$this->object->getTitle().")");
01283                         
01284                         $rolf = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
01285                         $parent_node = $this->tree->getParentNodeData($rolf[0]);
01286 
01287                         $this->tpl->setVariable("SHOW_DESC",$this->lng->txt("obj_".$parent_node['type'])." (".$parent_node['obj_id'].") <br/>".$parent_node['title']);
01288 
01289                         $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
01290                         $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("back"));
01291                         $this->tpl->setVariable("CMD_SUBMIT", "cancel");
01292                 }
01293 
01294                 if ($this->object->getId() != ANONYMOUS_ROLE_ID and 
01295                         $this->object->getId() != SYSTEM_ROLE_ID and 
01296                         in_array($this->object->getId(),$global_roles))
01297                 {
01298                         $this->tpl->setCurrentBlock("allow_register");
01299                         $this->tpl->setVariable("TXT_ALLOW_REGISTER",$this->lng->txt("allow_register"));
01300                         $this->tpl->setVariable("ALLOW_REGISTER",$allow_register);
01301                         $this->tpl->parseCurrentBlock();
01302 
01303                         $this->tpl->setCurrentBlock("assign_users");
01304                         $this->tpl->setVariable("TXT_ASSIGN_USERS",$this->lng->txt('allow_assign_users'));
01305                         $this->tpl->setVariable("ASSIGN_USERS",$assign_users);
01306                         $this->tpl->parseCurrentBlock();
01307 
01308                         $this->tpl->setCurrentBlock("protect_permissions");
01309                         $this->tpl->setVariable("TXT_PROTECT_PERMISSIONS",$this->lng->txt('role_protect_permissions'));
01310                         $this->tpl->setVariable("PROTECT_PERMISSIONS",$protect_permissions);
01311                         $this->tpl->parseCurrentBlock();
01312                 }
01313         }
01314         
01318         function userassignmentObject()
01319         {
01320                 global $rbacreview, $rbacsystem;
01321                 
01322                 if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01323                 {
01324                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01325                 }
01326 
01327                 $assigned_users = $rbacreview->assignedUsers($this->object->getId(),array("login","firstname","lastname","usr_id"));
01328 
01329                 //if current user is admin he is able to add new members to group
01330                 $val_contact = "<img src=\"".ilUtil::getImagePath("icon_pencil_b.gif")."\" alt=\"".
01331                         $this->lng->txt("role_user_send_mail")."\" title=\"".
01332                         $this->lng->txt("role_user_send_mail")."\" border=\"0\" vspace=\"0\"/>";
01333                 $val_change = "<img src=\"".ilUtil::getImagePath("icon_change_b.gif")."\" alt=\"".
01334                         $this->lng->txt("role_user_edit")."\" title=\"".$this->lng->txt("role_user_edit")."\" border=\"0\" vspace=\"0\"/>";
01335                 $val_leave = "<img src=\"".ilUtil::getImagePath("icon_group_out_b.gif")."\" alt=\"".
01336                         $this->lng->txt("role_user_deassign")."\" title=\"".$this->lng->txt("role_user_deassign")."\" border=\"0\" vspace=\"0\"/>";
01337 
01338                 $counter = 0;
01339 
01340                 foreach ($assigned_users as $user)
01341                 {
01342                         $link_contact = "mail_new.php?type=new&rcp_to=".$user["login"];
01343                         
01344                         if ($_GET["admin_mode"] == "settings"
01345                                 && $_GET["ref_id"] != SYSTEM_FOLDER_ID)
01346                         {
01347                                 $this->ctrl->setParameterByClass("ilobjusergui", "obj_id", $user["usr_id"]); 
01348                                 $link_change = $this->ctrl->getLinkTargetByClass("ilobjusergui", "edit");
01349                         }
01350 
01351                         $this->ctrl->setParameter($this, "user_id", $user["usr_id"]);
01352                         $link_leave = $this->ctrl->getLinkTarget($this,"deassignUser");
01353 
01354             $member_functions = "";
01355 
01356             // exclude root/admin role and anon/anon
01357             if ($this->object->getId() != ANONYMOUS_ROLE_ID or $user["usr_id"] != ANONYMOUS_USER_ID)
01358                         {
01359                 //build function
01360                 $member_functions = "<a href=\"".$link_contact."\">".$val_contact."</a>";
01361                                 if($_GET["baseClass"] == 'iladministrationgui' && $_GET["admin_mode"] == "settings")
01362                                 {
01363                                         $member_functions .= "<a href=\"".$link_change."\">".$val_change."</a>";
01364                                 }
01365 
01366                 if ($this->object->getId() != SYSTEM_ROLE_ID or $user["usr_id"] != SYSTEM_USER_ID)
01367                 {
01368                     $member_functions .="<a href=\"".$link_leave."\">".$val_leave."</a>";
01369                 }
01370             }
01371 
01372                         // no check box for root/admin role and anon/anon
01373                         if (($this->object->getId() == SYSTEM_ROLE_ID and $user["usr_id"] == SYSTEM_USER_ID)
01374                 or ($this->object->getId() == ANONYMOUS_ROLE_ID and $user["usr_id"] == ANONYMOUS_USER_ID))
01375                         {
01376                 $result_set[$counter][] = "";
01377             }
01378             else
01379             {
01380                 $result_set[$counter][] = ilUtil::formCheckBox(0,"user_id[]",$user["usr_id"]);
01381             }
01382             
01383             $user_ids[$counter] = $user["usr_id"];
01384 
01385             $result_set[$counter][] = $user["login"];
01386                         $result_set[$counter][] = $user["firstname"];
01387                         $result_set[$counter][] = $user["lastname"];
01388                         $result_set[$counter][] = $member_functions;
01389 
01390                         ++$counter;
01391 
01392                         unset($member_functions);
01393                 }
01394 
01395                 return $this->__showAssignedUsersTable($result_set,$user_ids);
01396     }
01397         
01398         function __showAssignedUsersTable($a_result_set,$a_user_ids = NULL)
01399         {
01400         global $rbacsystem;
01401 
01402                 $actions = array("deassignUser"  => $this->lng->txt("remove"));
01403 
01404         $tbl =& $this->__initTableGUI();
01405                 $tpl =& $tbl->getTemplateObject();
01406 
01407                 $tpl->setCurrentBlock("tbl_form_header");
01408                 $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01409                 $tpl->parseCurrentBlock();
01410 
01411                 $tpl->setCurrentBlock("tbl_action_row");
01412 
01413         $tpl->setCurrentBlock("plain_button");
01414                 $tpl->setVariable("PBTN_NAME","searchUserForm");
01415                 $tpl->setVariable("PBTN_VALUE",$this->lng->txt("role_add_user"));
01416                 $tpl->parseCurrentBlock();
01417                 $tpl->setCurrentBlock("plain_buttons");
01418                 $tpl->parseCurrentBlock();
01419 
01420                 $tpl->setVariable("COLUMN_COUNTS",5);
01421                 $tpl->setVariable("IMG_ARROW", ilUtil::getImagePath("arrow_downright.gif"));
01422 
01423                 foreach ($actions as $name => $value)
01424                 {
01425                         $tpl->setCurrentBlock("tbl_action_btn");
01426                         $tpl->setVariable("BTN_NAME",$name);
01427                         $tpl->setVariable("BTN_VALUE",$value);
01428                         $tpl->parseCurrentBlock();
01429                 }
01430                         
01431                 if (!empty($a_user_ids))
01432                 {
01433                         // set checkbox toggles
01434                         $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
01435                         $tpl->setVariable("JS_VARNAME","user_id");                      
01436                         $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_user_ids));
01437                         $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
01438                         $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
01439                         $tpl->parseCurrentBlock();
01440                 }
01441 
01442         $tpl->setVariable("TPLPATH",$this->tpl->tplPath);
01443                 $this->ctrl->setParameter($this,"cmd","userassignment");
01444 
01445                 // title & header columns
01446                 $tbl->setTitle($this->lng->txt("assigned_users"),"icon_usr.gif",$this->lng->txt("users"));
01447 
01448                 //user must be administrator
01449                 $tbl->setHeaderNames(array("",$this->lng->txt("username"),$this->lng->txt("firstname"),
01450                         $this->lng->txt("lastname"),$this->lng->txt("grp_options")));
01451                 $tbl->setHeaderVars(array("","login","firstname","lastname","functions"),
01452                         $this->ctrl->getParameterArray($this,"",false));
01453                 $tbl->setColumnWidth(array("","30%","30%","30%","10%"));
01454                 
01455                 $this->__setTableGUIBasicData($tbl,$a_result_set,"userassignment");
01456                 $tbl->render();
01457                 $this->tpl->setVariable("ADM_CONTENT",$tbl->tpl->get());
01458 
01459                 return true;
01460         }
01461 
01462         function &__initTableGUI()
01463         {
01464                 include_once "class.ilTableGUI.php";
01465 
01466                 return new ilTableGUI(0,false);
01467         }
01468 
01469         function __setTableGUIBasicData(&$tbl,&$result_set,$from = "")
01470         {
01471         switch($from)
01472                 {
01473                         case "group":
01474                         $order = $_GET["sort_by"] ? $_GET["sort_by"] : "title";
01475                                 break;
01476 
01477                         case "role":
01478                         $order = $_GET["sort_by"] ? $_GET["sort_by"] : "title";
01479                                 break;
01480 
01481                         default:
01482                                 // init sort_by (unfortunatly sort_by is preset with 'title')
01483                         if ($_GET["sort_by"] == "title" or empty($_GET["sort_by"]))
01484                 {
01485                     $_GET["sort_by"] = "login";
01486                 }
01487                 $order = $_GET["sort_by"];
01488                                 break;
01489                 }
01490 
01491                 $tbl->setOrderColumn($order);
01492                 $tbl->setOrderDirection($_GET["sort_order"]);
01493                 $tbl->setOffset($_GET["offset"]);
01494                 $tbl->setLimit($_GET["limit"]);
01495                 $tbl->setFooter("tblfooter",$this->lng->txt("previous"),$this->lng->txt("next"));
01496                 $tbl->setData($result_set);
01497         }
01498 
01499         function searchUserFormObject()
01500         {
01501                 global $rbacsystem;
01502 
01503                 if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01504                 {
01505                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01506                 }
01507 
01508                 $this->lng->loadLanguageModule('search');
01509 
01510                 $this->tpl->addBlockFile("ADM_CONTENT","adm_content","tpl.role_users_search.html");
01511 
01512                 $this->tpl->setVariable("F_ACTION",$this->ctrl->getFormAction($this));
01513                 $this->tpl->setVariable("SEARCH_ASSIGN_USR",$this->lng->txt("role_search_users"));
01514                 $this->tpl->setVariable("SEARCH_SEARCH_TERM",$this->lng->txt("search_search_term"));
01515                 $this->tpl->setVariable("SEARCH_VALUE",$_SESSION["role_search_str"] ? $_SESSION["role_search_str"] : "");
01516                 $this->tpl->setVariable("SEARCH_FOR",$this->lng->txt("exc_search_for"));
01517                 $this->tpl->setVariable("SEARCH_ROW_TXT_USER",$this->lng->txt("exc_users"));
01518                 $this->tpl->setVariable("SEARCH_ROW_TXT_ROLE",$this->lng->txt("exc_roles"));
01519                 $this->tpl->setVariable("SEARCH_ROW_TXT_GROUP",$this->lng->txt("exc_groups"));
01520                 $this->tpl->setVariable("BTN2_VALUE",$this->lng->txt("cancel"));
01521                 $this->tpl->setVariable("BTN1_VALUE",$this->lng->txt("search"));
01522 
01523         $usr = ($_POST["search_for"] == "usr" || $_POST["search_for"] == "") ? 1 : 0;
01524                 $grp = ($_POST["search_for"] == "grp") ? 1 : 0;
01525                 $role = ($_POST["search_for"] == "role") ? 1 : 0;
01526 
01527                 $this->tpl->setVariable("SEARCH_ROW_CHECK_USER",ilUtil::formRadioButton($usr,"search_for","usr"));
01528                 $this->tpl->setVariable("SEARCH_ROW_CHECK_ROLE",ilUtil::formRadioButton($role,"search_for","role"));
01529         $this->tpl->setVariable("SEARCH_ROW_CHECK_GROUP",ilUtil::formRadioButton($grp,"search_for","grp"));
01530 
01531                 $this->__unsetSessionVariables();
01532         }
01533 
01534         function __unsetSessionVariables()
01535         {
01536                 unset($_SESSION["role_delete_member_ids"]);
01537                 unset($_SESSION["role_delete_subscriber_ids"]);
01538                 unset($_SESSION["role_search_str"]);
01539                 unset($_SESSION["role_search_for"]);
01540                 unset($_SESSION["role_role"]);
01541                 unset($_SESSION["role_group"]);
01542                 unset($_SESSION["role_archives"]);
01543         }
01544 
01549         function cancelObject()
01550         {
01551                 sendInfo($this->lng->txt("action_aborted"),true);
01552                 
01553                 if ($_GET["new_type"] != "role")
01554                 {
01555                         $this->ctrl->redirect($this, "userassignment");
01556                 }
01557                 else
01558                 {
01559                         $this->ctrl->redirectByClass("ilobjrolefoldergui","view");
01560                 }
01561         }
01562 
01563         function searchObject()
01564         {
01565                 global $rbacsystem, $tree;
01566 
01567                 if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01568                 {
01569                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01570                 }
01571 
01572                 $_SESSION["role_search_str"] = $_POST["search_str"] = $_POST["search_str"] ? $_POST["search_str"] : $_SESSION["role_search_str"];
01573                 $_SESSION["role_search_for"] = $_POST["search_for"] = $_POST["search_for"] ? $_POST["search_for"] : $_SESSION["role_search_for"];
01574 
01575                 if (!isset($_POST["search_for"]) or !isset($_POST["search_str"]))
01576                 {
01577                         sendInfo($this->lng->txt("role_search_enter_search_string"));
01578                         $this->searchUserFormObject();
01579 
01580                         return false;
01581                 }
01582 
01583                 if (!count($result = $this->__search(ilUtil::stripSlashes($_POST["search_str"]),$_POST["search_for"])))
01584                 {
01585                         sendInfo($this->lng->txt("role_no_results_found"));
01586                         $this->searchUserFormObject();
01587 
01588                         return false;
01589                 }
01590 
01591                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
01592                 $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
01593 
01594                 $counter = 0;
01595                 $f_result = array();
01596 
01597                 switch($_POST["search_for"])
01598                 {
01599                 case "usr":
01600                                 foreach($result as $user)
01601                                 {
01602                                         if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user["id"],false))
01603                                         {
01604                                                 continue;
01605                                         }
01606                                         
01607                                         $user_ids[$counter] = $user["id"];
01608                                         
01609                                         $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user["id"]);
01610                                         $f_result[$counter][] = $tmp_obj->getLogin();
01611                                         $f_result[$counter][] = $tmp_obj->getFirstname();
01612                                         $f_result[$counter][] = $tmp_obj->getLastname();
01613 
01614                                         unset($tmp_obj);
01615                                         ++$counter;
01616                                 }
01617                                 $this->__showSearchUserTable($f_result,$user_ids);
01618 
01619                                 return true;
01620 
01621                         case "role":
01622                                 foreach($result as $role)
01623                                 {
01624                     // exclude anonymous role
01625                     if ($role["id"] == ANONYMOUS_ROLE_ID)
01626                     {
01627                         continue;
01628                     }
01629 
01630                     if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($role["id"],false))
01631                                         {
01632                                                 continue;
01633                                         }
01634 
01635                                     // exclude roles with no users assigned to
01636                     if ($tmp_obj->getCountMembers() == 0)
01637                     {
01638                         continue;
01639                     }
01640 
01641                                         $role_ids[$counter] = $role["id"];
01642 
01643                                         $f_result[$counter][] = ilUtil::formCheckbox(0,"role[]",$role["id"]);
01644                                         $f_result[$counter][] = array($tmp_obj->getTitle(),$tmp_obj->getDescription());
01645                                         $f_result[$counter][] = $tmp_obj->getCountMembers();
01646 
01647                                         unset($tmp_obj);
01648                                         ++$counter;
01649                                 }
01650 
01651                                 $this->__showSearchRoleTable($f_result,$role_ids);
01652 
01653                                 return true;
01654 
01655                         case "grp":
01656                                 foreach($result as $group)
01657                                 {
01658                                         if(!$tree->isInTree($group["id"]))
01659                                         {
01660                                                 continue;
01661                                         }
01662 
01663                                         if(!$tmp_obj = ilObjectFactory::getInstanceByRefId($group["id"],false))
01664                                         {
01665                                                 continue;
01666                                         }
01667 
01668                     // exclude myself :-)
01669                     if ($tmp_obj->getId() == $this->object->getId())
01670                     {
01671                         continue;
01672                     }
01673 
01674                                         $grp_ids[$counter] = $group["id"];
01675 
01676                                         $f_result[$counter][] = ilUtil::formCheckbox(0,"group[]",$group["id"]);
01677                                         $f_result[$counter][] = array($tmp_obj->getTitle(),$tmp_obj->getDescription());
01678                                         $f_result[$counter][] = $tmp_obj->getCountMembers();
01679 
01680                                         unset($tmp_obj);
01681                                         ++$counter;
01682                                 }
01683                                 $this->__showSearchGroupTable($f_result,$grp_ids);
01684 
01685                                 return true;
01686                 }
01687         }
01688 
01689         function __search($a_search_string,$a_search_for)
01690         {
01691                 include_once("class.ilSearch.php");
01692 
01693                 $this->lng->loadLanguageModule("content");
01694                 $search =& new ilSearch($_SESSION["AccountId"]);
01695                 $search->setPerformUpdate(false);
01696                 $search->setSearchString(ilUtil::stripSlashes($a_search_string));
01697                 $search->setCombination("and");
01698                 $search->setSearchFor(array(0 => $a_search_for));
01699                 $search->setSearchType('new');
01700 
01701                 if ($search->validate($message))
01702                 {
01703                         $search->performSearch();
01704                 }
01705                 else
01706                 {
01707                         sendInfo($message,true);
01708                         $this->ctrl->redirect($this,"searchUserForm");
01709                 }
01710 
01711                 return $search->getResultByType($a_search_for);
01712         }
01713 
01714         function __showSearchUserTable($a_result_set,$a_user_ids = NULL,$a_cmd = "search")
01715         {
01716         $return_to  = "searchUserForm";
01717 
01718         if ($a_cmd == "listUsersRole" or $a_cmd == "listUsersGroup")
01719         {
01720             $return_to = "search";
01721         }
01722 
01723                 $tbl =& $this->__initTableGUI();
01724                 $tpl =& $tbl->getTemplateObject();
01725 
01726                 // SET FORMACTION
01727                 $tpl->setCurrentBlock("tbl_form_header");
01728                 $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01729                 $tpl->parseCurrentBlock();
01730 
01731                 $tpl->setCurrentBlock("tbl_action_btn");
01732                 $tpl->setVariable("BTN_NAME",$return_to);
01733                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
01734                 $tpl->parseCurrentBlock();
01735 
01736                 $tpl->setCurrentBlock("tbl_action_btn");
01737                 $tpl->setVariable("BTN_NAME","assignUser");
01738                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("add"));
01739                 $tpl->parseCurrentBlock();
01740 
01741                 if (!empty($a_user_ids))
01742                 {               
01743                         // set checkbox toggles
01744                         $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
01745                         $tpl->setVariable("JS_VARNAME","user");                 
01746                         $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_user_ids));
01747                         $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
01748                         $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
01749                         $tpl->parseCurrentBlock();
01750                 }
01751 
01752                 $tpl->setCurrentBlock("tbl_action_row");
01753                 $tpl->setVariable("COLUMN_COUNTS",4);
01754                 $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
01755                 $tpl->parseCurrentBlock();
01756 
01757                 $tbl->setTitle($this->lng->txt("role_header_edit_users"),"icon_usr.gif",$this->lng->txt("role_header_edit_users"));
01758                 $tbl->setHeaderNames(array("",
01759                                                                    $this->lng->txt("username"),
01760                                                                    $this->lng->txt("firstname"),
01761                                                                    $this->lng->txt("lastname")));
01762                 $tbl->setHeaderVars(array("",
01763                                                                   "login",
01764                                                                   "firstname",
01765                                                                   "lastname"),
01766                                                         $this->ctrl->getParameterArray($this,$a_cmd,false));
01767                         //array("ref_id" => $this->rolf_ref_id,
01768                         //  "obj_id" => $this->object->getId(),
01769                         // "cmd" => $a_cmd,
01770                         //"cmdClass" => "ilobjrolegui",
01771                         // "cmdNode" => $_GET["cmdNode"]));
01772 
01773                 $tbl->setColumnWidth(array("","33%","33%","33%"));
01774 
01775                 $this->__setTableGUIBasicData($tbl,$a_result_set);
01776                 $tbl->render();
01777 
01778                 $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
01779 
01780                 return true;
01781         }
01782 
01783         function __showSearchRoleTable($a_result_set,$a_role_ids = NULL)
01784         {
01785                 $tbl =& $this->__initTableGUI();
01786                 $tpl =& $tbl->getTemplateObject();
01787 
01788                 $tpl->setCurrentBlock("tbl_form_header");
01789                 $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01790                 $tpl->parseCurrentBlock();
01791 
01792                 $tpl->setCurrentBlock("tbl_action_btn");
01793                 $tpl->setVariable("BTN_NAME","searchUserForm");
01794                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
01795                 $tpl->parseCurrentBlock();
01796 
01797                 $tpl->setCurrentBlock("tbl_action_btn");
01798                 $tpl->setVariable("BTN_NAME","listUsersRole");
01799                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("role_list_users"));
01800                 $tpl->parseCurrentBlock();
01801                 
01802                 if (!empty($a_role_ids))
01803                 {
01804                         // set checkbox toggles
01805                         $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
01806                         $tpl->setVariable("JS_VARNAME","role");                 
01807                         $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_role_ids));
01808                         $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
01809                         $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
01810                         $tpl->parseCurrentBlock();
01811                 }
01812 
01813                 $tpl->setCurrentBlock("tbl_action_row");
01814                 $tpl->setVariable("COLUMN_COUNTS",4);
01815                 $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
01816                 $tpl->parseCurrentBlock();
01817 
01818                 $tbl->setTitle($this->lng->txt("role_header_edit_users"),"icon_usr.gif",$this->lng->txt("role_header_edit_users"));
01819                 $tbl->setHeaderNames(array("",
01820                                                                    $this->lng->txt("obj_role"),
01821                                                                    $this->lng->txt("role_count_users")));
01822                 $tbl->setHeaderVars(array("",
01823                                                                   "title",
01824                                                                   "nr_members"),
01825                                                         $this->ctrl->getParameterArray($this,"search",false));
01826                         //array("ref_id" => $this->rolf_ref_id,
01827                         //"obj_id" => $this->object->getId(),
01828                         //"cmd" => "search",
01829                         //"cmdClass" => "ilobjrolegui",
01830                         //"cmdNode" => $_GET["cmdNode"]));
01831 
01832                 $tbl->setColumnWidth(array("","80%","19%"));
01833 
01834 
01835                 $this->__setTableGUIBasicData($tbl,$a_result_set,"role");
01836                 $tbl->render();
01837 
01838                 $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
01839 
01840                 return true;
01841         }
01842 
01843         function __showSearchGroupTable($a_result_set,$a_grp_ids = NULL)
01844         {
01845         $tbl =& $this->__initTableGUI();
01846                 $tpl =& $tbl->getTemplateObject();
01847 
01848                 $tpl->setCurrentBlock("tbl_form_header");
01849                 $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01850                 $tpl->parseCurrentBlock();
01851 
01852                 $tpl->setCurrentBlock("tbl_action_btn");
01853                 $tpl->setVariable("BTN_NAME","searchUserForm");
01854                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
01855                 $tpl->parseCurrentBlock();
01856 
01857                 $tpl->setCurrentBlock("tbl_action_btn");
01858                 $tpl->setVariable("BTN_NAME","listUsersGroup");
01859                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("grp_list_users"));
01860                 $tpl->parseCurrentBlock();
01861                 
01862                 if (!empty($a_grp_ids))
01863                 {
01864                         // set checkbox toggles
01865                         $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
01866                         $tpl->setVariable("JS_VARNAME","group");                        
01867                         $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_grp_ids));
01868                         $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
01869                         $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
01870                         $tpl->parseCurrentBlock();
01871                 }
01872 
01873                 $tpl->setCurrentBlock("tbl_action_row");
01874                 $tpl->setVariable("COLUMN_COUNTS",4);
01875                 $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
01876                 $tpl->parseCurrentBlock();
01877 
01878                 $tbl->setTitle($this->lng->txt("grp_header_edit_members"),"icon_usr.gif",$this->lng->txt("grp_header_edit_members"));
01879                 $tbl->setHeaderNames(array("",
01880                                                                    $this->lng->txt("obj_grp"),
01881                                                                    $this->lng->txt("grp_count_members")));
01882                 $tbl->setHeaderVars(array("",
01883                                                                   "title",
01884                                                                   "nr_members"),
01885                                                         array("ref_id" => $this->rolf_ref_id,
01886                                   "obj_id" => $this->object->getId(),
01887                                                                   "cmd" => "search",
01888                                                                   "cmdClass" => "ilobjrolegui",
01889                                                                   "cmdNode" => $_GET["cmdNode"]));
01890 
01891                 $tbl->setColumnWidth(array("","80%","19%"));
01892 
01893 
01894                 $this->__setTableGUIBasicData($tbl,$a_result_set,"group");
01895                 $tbl->render();
01896 
01897                 $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
01898 
01899                 return true;
01900         }
01901 
01902         function listUsersRoleObject()
01903         {
01904                 global $rbacsystem,$rbacreview;
01905 
01906                 $_SESSION["role_role"] = $_POST["role"] = $_POST["role"] ? $_POST["role"] : $_SESSION["role_role"];
01907 
01908                 if (!is_array($_POST["role"]))
01909                 {
01910                         sendInfo($this->lng->txt("role_no_roles_selected"));
01911                         $this->searchObject();
01912 
01913                         return false;
01914                 }
01915 
01916                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
01917                 $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
01918 
01919                 // GET ALL MEMBERS
01920                 $members = array();
01921 
01922                 foreach ($_POST["role"] as $role_id)
01923                 {
01924                         $members = array_merge($rbacreview->assignedUsers($role_id),$members);
01925                 }
01926 
01927                 $members = array_unique($members);
01928 
01929                 // FORMAT USER DATA
01930                 $counter = 0;
01931                 $f_result = array();
01932 
01933                 foreach($members as $user)
01934                 {
01935                         if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
01936                         {
01937                                 continue;
01938                         }
01939                         
01940                         $user_ids[$counter] = $user;
01941                         
01942                         // TODO: exclude anonymous user
01943                         $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
01944                         $f_result[$counter][] = $tmp_obj->getLogin();
01945                         $f_result[$counter][] = $tmp_obj->getFirstname();
01946                         $f_result[$counter][] = $tmp_obj->getLastname();
01947 
01948                         unset($tmp_obj);
01949                         ++$counter;
01950                 }
01951 
01952                 $this->__showSearchUserTable($f_result,$user_ids,"listUsersRole");
01953 
01954                 return true;
01955         }
01956 
01957         function listUsersGroupObject()
01958         {
01959                 global $rbacsystem,$rbacreview,$tree;
01960 
01961                 $_SESSION["role_group"] = $_POST["group"] = $_POST["group"] ? $_POST["group"] : $_SESSION["role_group"];
01962 
01963                 if (!is_array($_POST["group"]))
01964                 {
01965                         sendInfo($this->lng->txt("role_no_groups_selected"));
01966                         $this->searchObject();
01967 
01968                         return false;
01969                 }
01970 
01971                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
01972                 $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
01973 
01974                 // GET ALL MEMBERS
01975                 $members = array();
01976 
01977                 foreach ($_POST["group"] as $group_id)
01978                 {
01979                         if (!$tree->isInTree($group_id))
01980                         {
01981                                 continue;
01982                         }
01983                         if (!$tmp_obj = ilObjectFactory::getInstanceByRefId($group_id))
01984                         {
01985                                 continue;
01986                         }
01987 
01988                         $members = array_merge($tmp_obj->getGroupMemberIds(),$members);
01989 
01990                         unset($tmp_obj);
01991                 }
01992 
01993                 $members = array_unique($members);
01994 
01995                 // FORMAT USER DATA
01996                 $counter = 0;
01997                 $f_result = array();
01998 
01999                 foreach($members as $user)
02000                 {
02001                         if (!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
02002                         {
02003                                 continue;
02004                         }
02005                         
02006                         $user_ids[$counter] = $user;                    
02007 
02008                         $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
02009                         $f_result[$counter][] = $tmp_obj->getLogin();
02010                         $f_result[$counter][] = $tmp_obj->getFirstname();
02011                         $f_result[$counter][] = $tmp_obj->getLastname();
02012 
02013                         unset($tmp_obj);
02014                         ++$counter;
02015                 }
02016 
02017                 $this->__showSearchUserTable($f_result,$user_ids,"listUsersGroup");
02018 
02019                 return true;
02020         }
02021 
02022 
02023         function __formatPath($a_path_arr)
02024         {
02025                 $counter = 0;
02026 
02027                 foreach ($a_path_arr as $data)
02028                 {
02029                         if ($counter++)
02030                         {
02031                                 $path .= " -> ";
02032                         }
02033 
02034                         $path .= $data['title'];
02035                 }
02036 
02037                 if (strlen($path) > 50)
02038                 {
02039                         return '...'.substr($path,-50);
02040                 }
02041 
02042                 return $path;
02043         }
02044 
02045         function __prepareOutput()
02046         {
02047                 // output objects
02048                 //$this->tpl->addBlockFile("CONTENT", "content", "tpl.role.html");
02049                 $this->tpl->addBlockFile("CONTENT", "content", "tpl.adm_content.html");
02050                 $this->tpl->addBlockFile("STATUSLINE", "statusline", "tpl.statusline.html");
02051 
02052                 // output locator
02053                 //$this->__setLocator();
02054 
02055                 // output message
02056                 if ($this->message)
02057                 {
02058                         sendInfo($this->message);
02059                 }
02060 
02061                 // display infopanel if something happened
02062                 infoPanel();
02063 
02064                 // set header
02065                 $this->__setHeader();
02066         }
02067 
02068         function __setHeader()
02069         {
02070                 include_once './classes/class.ilTabsGUI.php';
02071 
02072                 $this->tpl->setTitle($this->lng->txt('role'));
02073                 $this->tpl->setDescription($this->object->getTitle());
02074                 $this->tpl->setTitleIcon(ilUtil::getImagePath("icon_role.gif"));
02075 
02076                 #$tabs_gui =& new ilTabsGUI();
02077                 $this->getTabs($this->tabs_gui);
02078 
02079                 // output tabs
02080                 #$this->tpl->setVariable("TABS", $tabs_gui->getHTML());
02081         }
02082 
02083         function __setLocator()
02084         {
02085                 global $tree, $ilias_locator;
02086                 
02087                 return;
02088                 
02089                 $this->tpl->addBlockFile("LOCATOR", "locator", "tpl.locator.html");
02090 
02091                 $counter = 0;
02092 
02093                 foreach ($tree->getPathFull($this->rolf_ref_id) as $key => $row)
02094                 {
02095                         if ($counter++)
02096                         {
02097                                 $this->tpl->touchBlock('locator_separator_prefix');
02098                         }
02099 
02100                         $this->tpl->setCurrentBlock("locator_item");
02101 
02102                         if ($row["type"] == 'rolf')
02103                         {
02104                                 $this->tpl->setVariable("ITEM",$this->object->getTitle());
02105                                 $this->tpl->setVariable("LINK_ITEM",$this->ctrl->getLinkTarget($this));
02106                         }
02107                         elseif ($row["child"] != $tree->getRootId())
02108                         {
02109                                 $this->tpl->setVariable("ITEM", $row["title"]);
02110                                 $this->tpl->setVariable("LINK_ITEM","repository.php?ref_id=".$row["child"]);
02111                         }
02112                         else
02113                         {
02114                                 $this->tpl->setVariable("ITEM", $this->lng->txt("repository"));
02115                                 $this->tpl->setVariable("LINK_ITEM","repository.php?ref_id=".$row["child"]);
02116                         }
02117 
02118                         $this->tpl->parseCurrentBlock();
02119                 }
02120 
02121                 $this->tpl->setVariable("TXT_LOCATOR",$this->lng->txt("locator"));
02122                 $this->tpl->parseCurrentBlock();
02123         }
02124         
02129         function addAdminLocatorItems()
02130         {
02131                 global $ilLocator;
02132 
02133                 if ($_GET["admin_mode"] == "settings")  // system settings
02134                 {               
02135                         $ilLocator->addItem($this->lng->txt("administration"),
02136                                 $this->ctrl->getLinkTargetByClass("iladministrationgui", "frameset"),
02137                                 ilFrameTargetInfo::_getFrame("MainContent"));
02138                                 
02139                         $ilLocator->addItem($this->lng->txt("obj_".ilObject::_lookupType(
02140                                 ilObject::_lookupObjId($_GET["ref_id"]))),
02141                                 $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
02142                         
02143                         if ($_GET["obj_id"] > 0)
02144                         {
02145                                 $ilLocator->addItem($this->object->getTitle(),
02146                                         $this->ctrl->getLinkTarget($this, "view"));
02147                         }
02148                 }
02149         }
02150         
02151         function showUpperIcon()
02152         {
02153                 global $tree, $tpl, $objDefinition;
02154                 
02155                 if (strtolower($_GET["baseClass"]) == "iladministrationgui")
02156                 {
02157                         if ($_GET["admin_mode"] == "settings"
02158                                 && $_GET["ref_id"] != SYSTEM_FOLDER_ID)
02159                         {
02160                                 $tpl->setUpperIcon(
02161                                         $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
02162                         }
02163                 }
02164                 else
02165                 {               
02166                         if ($this->object->getRefId() != ROOT_FOLDER_ID &&
02167                                 $this->object->getRefId() != SYSTEM_FOLDER_ID)
02168                         {
02169                                 $par_id = $tree->getParentId($this->object->getRefId());
02170                                 $tpl->setUpperIcon("repository.php?ref_id=".$par_id);
02171                         }
02172                 }
02173         }
02174 
02175 
02176 
02177         function getTabs(&$tabs_gui)
02178         {
02179                 global $rbacsystem,$rbacreview;
02180 
02181                 $base_role_folder = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
02182 //var_dump($base_role_folder);
02183 //echo "-".$this->rolf_ref_id."-";
02184 
02185                 $activate_role_edit = false;
02186                 
02187                 // todo: activate the following (allow editing of local roles in
02188                 // roles administration)
02189                 //if (in_array($this->rolf_ref_id,$base_role_folder))
02190                 if (in_array($this->rolf_ref_id,$base_role_folder) ||
02191                         (strtolower($_GET["baseClass"]) == "iladministrationgui" &&
02192                         $_GET["admin_mode"] == "settings"))
02193                 {
02194                         $activate_role_edit = true;
02195                 }
02196 
02197                 // not so nice (workaround for using tabs in repository)
02198                 $tabs_gui->clearTargets();
02199                 
02200                 if ($this->back_target != "")
02201                 {
02202                         $tabs_gui->setBackTarget(
02203                                 $this->back_target["text"],$this->back_target["link"]);
02204                 }
02205 
02206                 if ($rbacsystem->checkAccess('write',$this->rolf_ref_id) && $activate_role_edit)
02207                 {
02208                         $tabs_gui->addTarget("edit_properties",
02209                                 $this->ctrl->getLinkTarget($this, "edit"), array("edit","update"), get_class($this));
02210                 }
02211 
02212                 if ($rbacsystem->checkAccess('write',$this->rolf_ref_id))
02213                 {
02214                         $force_active = ($_GET["cmd"] == "perm" || $_GET["cmd"] == "")
02215                                 ? true
02216                                 : false;
02217                         $tabs_gui->addTarget("default_perm_settings",
02218                                 $this->ctrl->getLinkTarget($this, "perm"), array("perm", "adoptPermSave", "permSave"),
02219                                 get_class($this),
02220                                 "", $force_active);
02221                 }
02222 
02223                 if ($rbacsystem->checkAccess('write',$this->rolf_ref_id) && $activate_role_edit)
02224                 {
02225                         $tabs_gui->addTarget("user_assignment",
02226                                 $this->ctrl->getLinkTarget($this, "userassignment"),
02227                                 array("deassignUser", "userassignment", "assignUser", "searchUserForm", "search"),
02228                                 get_class($this));
02229                 }
02230 
02231                 if ($rbacsystem->checkAccess('write',$this->rolf_ref_id) && $activate_role_edit)
02232                 {
02233                         $tabs_gui->addTarget("desktop_items",
02234                                 $this->ctrl->getLinkTarget($this, "listDesktopItems"),
02235                                 array("listDesktopItems", "deleteDesktopItems", "selectDesktopItem", "askDeleteDesktopItem"),
02236                                 get_class($this));
02237                 }
02238         }
02239 } // END class.ilObjRoleGUI
02240 ?>