
classes/class.ilPermissionGUI.php

00001 <?php
00002 /*
00003         +-----------------------------------------------------------------------------+
00004         | ILIAS open source                                                           |
00005         +-----------------------------------------------------------------------------+
00006         | Copyright (c) 1998-2006 ILIAS open source, University of Cologne            |
00007         |                                                                             |
00008         | This program is free software; you can redistribute it and/or               |
00009         | modify it under the terms of the GNU General Public License                 |
00010         | as published by the Free Software Foundation; either version 2              |
00011         | of the License, or (at your option) any later version.                      |
00012         |                                                                             |
00013         | This program is distributed in the hope that it will be useful,             |
00014         | but WITHOUT ANY WARRANTY; without even the implied warranty of              |
00015         | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               |
00016         | GNU General Public License for more details.                                |
00017         |                                                                             |
00018         | You should have received a copy of the GNU General Public License           |
00019         | along with this program; if not, write to the Free Software                 |
00020         | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. |
00021         +-----------------------------------------------------------------------------+
00022 */
00023 
00024 
00037 class ilPermissionGUI
00038 {
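/**
 * PHP 4-style constructor (method named after the class): binds the
 * permission screen to the ILIAS globals and to the GUI object whose
 * permissions are being edited.
 *
 * @param object $a_gui_obj GUI object of the edited repository object; stored by reference
 */
function ilPermissionGUI(&$a_gui_obj)
{
    global $ilias, $objDefinition, $tpl, $tree, $ilCtrl, $ilErr, $lng;

    // Create the global error handler on demand; executeCommand() relies on
    // $ilErr->raiseError() to report a denied access check.
    if (!isset($ilErr))
    {
        $ilErr = new ilErrorHandling();
        $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK,array($ilErr,'errorHandler'));
    }

    // Fix: the original assigned $this->ilErr only when the handler already
    // existed, so it stayed undefined right after a new handler was created.
    $this->ilErr =& $ilErr;

    $this->ilias =& $ilias;
    $this->objDefinition =& $objDefinition;
    $this->tree =& $tree;
    $this->tpl =& $tpl;
    $this->lng =& $lng;
    $this->lng->loadLanguageModule("rbac");

    $this->ctrl =& $ilCtrl;

    $this->gui_obj =& $a_gui_obj;

    // Filled by getRolesData(): roles in context, keyed by role object id.
    $this->roles = array();
    $this->num_roles = 0;
}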
00074         
00075 
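/**
 * Entry point for every command of the permission screen.
 *
 * Checks "edit_permission" on the current object first, then either
 * forwards to ilObjRoleGUI or dispatches the requested command to a method
 * of this class.
 *
 * @return bool true after a command ran, false when the request was rejected
 */
function &executeCommand()
{
    global $rbacsystem, $ilErr;

    // Access to all functions in this class is only allowed if
    // edit_permission is granted on the current object.
    if (!$rbacsystem->checkAccess("edit_permission",$this->gui_obj->object->getRefId()))
    {
        $ilErr->raiseError($this->lng->txt("permission_denied"),$ilErr->MESSAGE);

        // Fail closed: do not depend on raiseError() ending the request.
        $result = false;
        return $result;
    }

    $next_class = $this->ctrl->getNextClass($this);

    switch($next_class)
    {
        case "ilobjrolegui":
            include_once("classes/class.ilObjRoleGUI.php");
            // NOTE(review): the check above covers the current object, not the
            // role named by the request's obj_id; presumably ilObjRoleGUI
            // enforces its own access checks - confirm.
            $this->gui_obj = new ilObjRoleGUI("",(int) $_GET["obj_id"], false, false);
            $this->gui_obj->setBackTarget($this->lng->txt("perm_settings"),
                $this->ctrl->getLinkTarget($this, "perm"));
            $ret =& $this->ctrl->forwardCommand($this->gui_obj);
            break;

        default:
            $cmd = $this->ctrl->getCmd();

            // The command name is supplied through ilCtrl (presumably from the
            // request - confirm), so it must not be able to reach arbitrary
            // methods: reject internal "__" helpers, the constructor, this
            // dispatcher itself and anything that is not a method of this class.
            if (!is_string($cmd) || $cmd == "" || substr($cmd,0,2) == "__"
                || in_array(strtolower($cmd),array("ilpermissiongui","executecommand"))
                || !method_exists($this,$cmd))
            {
                $ilErr->raiseError($this->lng->txt("permission_denied"),$ilErr->MESSAGE);
                $result = false;
                return $result;
            }

            $this->$cmd();
            break;
    }

    // Return a variable: this function returns by reference.
    $result = true;
    return $result;
}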
00106 
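/**
 * Render the permission settings screen: role filter form, one column per
 * role in context, the permission sections and the "add local role" form.
 *
 * @return bool|null true when no role matches the filter and the table is skipped
 */
function perm()
{
    global $rbacreview;

    $this->getRolesData();

    // START DATA OUTPUT
    $this->__initSubTabs("perm");

    $this->gui_obj->getTemplateFile("perm");

    $this->num_roles = count($this->roles);

    // render filter form
    $this->tpl->setCurrentBlock("filter");
    $this->tpl->setVariable("FILTER_TXT_FILTER",$this->lng->txt('filter'));
    $this->tpl->setVariable("SELECT_FILTER",$this->__buildRoleFilterSelect());
    $this->tpl->setVariable("FILTER_ACTION",$this->ctrl->getFormAction($this)."&cmd=perm");
    $this->tpl->setVariable("FILTER_NAME",'view');
    $this->tpl->setVariable("FILTER_VALUE",$this->lng->txt('apply_filter'));
    $this->tpl->parseCurrentBlock();

    // don't display table if no role in list
    if ($this->num_roles < 1)
    {
        ilUtil::sendInfo($this->lng->txt("msg_no_roles_of_type"),false);
        $this->__displayAddRoleForm();
        return true;
    }

    $this->tpl->addBlockFile("PERM_PERMISSIONS", "permissions", "tpl.obj_perm_permissions.html");

    $this->tpl->setVariable("TXT_TITLE", $this->lng->txt("permission_settings"));
    $this->tpl->setVariable("IMG_PERM", ilUtil::getImagePath("icon_perm.gif"));
    $this->tpl->setVariable("TXT_TITLE_INFO",
        sprintf($this->lng->txt("permission_settings_info"),
        $this->gui_obj->object->getTitle()
        ));
    $this->tpl->setVariable("COLSPAN", $this->num_roles);
    $this->tpl->setVariable("FORMACTION",
        $this->gui_obj->getFormAction("permSave",$this->ctrl->getLinkTarget($this,"permSave")));
    $this->tpl->setVariable("TXT_SAVE", $this->lng->txt("save"));

    // needed to display the correct role context of global roles
    $global_roles = $rbacreview->getGlobalRoles();

    // The role folder of the current object does not change per role, so it
    // is looked up once instead of once per loop iteration.
    $role_folder = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
    $local_roles = array();

    if ($role_folder)
    {
        $local_roles = $rbacreview->getRolesOfRoleFolder($role_folder["ref_id"]);
    }

    include_once ('class.ilObjRole.php');

    foreach ($this->roles as $role)
    {
        // Is it a real or a linked local role?
        if ($role['protected'] == false and in_array($role['obj_id'],$local_roles))
        {
            // Fix: the original repeated the role folder lookup with the raw
            // $_GET['ref_id'], a value that never passed the access check made
            // on the object's own ref id. Reuse the folder resolved above.
            $role_folder_id = $role_folder['ref_id'];

            $this->tpl->setCurrentBlock("rolelink_open");

            $this->ctrl->setParameterByClass("ilobjrolegui", "obj_id",
                $role['obj_id']);
            $this->ctrl->setParameterByClass("ilobjrolegui", "rolf_ref_id",
                $role_folder_id);
            $this->tpl->setVariable("LINK_ROLE_RULESET",
                $this->ctrl->getLinkTargetByClass("ilobjrolegui", "perm"));

            $this->tpl->setVariable("TXT_ROLE_RULESET",$this->lng->txt("edit_perm_ruleset"));
            $this->tpl->parseCurrentBlock();

            $this->tpl->touchBlock("rolelink_close");
        }

        $this->tpl->setCurrentBlock("role_infos");

        // display human readable role names for autogenerated roles
        // NOTE(review): role titles are user-supplied (addRole() takes them
        // from $_POST) and are written into the template here without HTML
        // escaping; confirm they are escaped when stored or by
        // _getTranslation(), otherwise escape them before output.
        $this->tpl->setVariable("ROLE_NAME",str_replace(" ","&nbsp;",ilObjRole::_getTranslation($role["title"])));

        // display role context
        if (in_array($role["obj_id"],$global_roles))
        {
            $this->tpl->setVariable("ROLE_CONTEXT_TYPE","global");
        }
        else
        {
            $rolf = $rbacreview->getFoldersAssignedToRole($role["obj_id"],true);
            $parent_node = $this->tree->getParentNodeData($rolf[0]);
            // NOTE(review): the parent object's title is also emitted
            // unescaped - same confirmation as for ROLE_NAME.
            $this->tpl->setVariable("ROLE_CONTEXT_TYPE",$parent_node["title"]);
        }

        $this->tpl->parseCurrentBlock();
    }
    $this->ctrl->clearParametersByClass("ilobjrolegui");

    // show permission settings

    // general section
    $this->__showPermissionsGeneralSection();

    // object section
    $this->__showPermissionsObjectSection();

    // rbac section
    $this->__showPermissionsRBACSection();

    // create section
    $this->__showPermissionsCreateSection();

    $this->tpl->setVariable("COLSPAN", $this->num_roles);

    // ADD LOCAL ROLE
    $this->__displayAddRoleForm();
}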
00237 
00238 
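/**
 * Save the permission settings posted from the permission screen.
 *
 * Revokes and re-grants the permissions of the roles in the current filter,
 * creates local policies for roles whose inheritance is stopped, removes
 * local policies that are no longer wanted, then redirects.
 *
 * NOTE(review): no request token is checked in this method; confirm that
 * ilCtrl or the form layer protects this state-changing command against
 * cross-site request forgery.
 */
function permSave()
{
    global $rbacreview, $rbacadmin, $rbacsystem;

    $ref_id = $this->gui_obj->object->getRefId();

    // only revoke permission of roles that are not filtered
    $this->getRolesData();
    foreach($this->roles as $role_id => $data)
    {
        $rbacadmin->revokePermission($ref_id,$role_id);
    }

    if (isset($_POST["perm"]) && is_array($_POST["perm"]))
    {
        foreach ($_POST["perm"] as $key => $new_role_perms) // $key holds the current role id
        {
            // Fix: the role id is taken from the request. Only grant to roles
            // that are in context and were revoked above; getRolesData() also
            // keeps the system administrator role out of that set.
            if (!isset($this->roles[$key]))
            {
                continue;
            }

            // NOTE(review): $new_role_perms is passed on as posted; confirm
            // grantPermission() validates the operation ids.
            $rbacadmin->grantPermission($key,$new_role_perms,$ref_id);
        }
    }

    // update object data entry (to update last modification date)
    $this->gui_obj->object->update();

    // If the inheritance of role templates is to be stopped, the following
    // has to happen:
    // - if no role folder exists, it is created and the permissions are read
    //   from the permission templates
    // - if the role exists in the current role folder, the permission
    //   templates of that role are shown
    // - if the role does not exist in the current role folder, it is created
    //   there and its permission template is set to the value of the next
    //   higher permission template

    // get rolefolder data if a rolefolder already exists
    $rolf_data = $rbacreview->getRoleFolderOfObject($ref_id);
    $rolf_id = $rolf_data["child"];

    // Fix: accept only role ids that belong to the roles in context; the
    // original used whatever the request contained as role ids.
    // NOTE(review): getRolesData() marks protected roles with
    // 'keep_protected'; confirm whether such roles must be rejected here too.
    $stop_inherit_roles = array();
    if (isset($_POST["stop_inherit"]) && is_array($_POST["stop_inherit"]))
    {
        foreach ($_POST["stop_inherit"] as $posted_role_id)
        {
            if ((is_string($posted_role_id) || is_int($posted_role_id))
                && isset($this->roles[$posted_role_id]))
            {
                $stop_inherit_roles[] = $posted_role_id;
            }
        }
    }

    if ($stop_inherit_roles)
    {
        // rolefolder does not exist, so create one
        if (empty($rolf_id))
        {
            // create a local role folder
            $rfoldObj = $this->gui_obj->object->createRoleFolder();

            // set rolf_id again from new rolefolder object
            $rolf_id = $rfoldObj->getRefId();
        }

        $roles_of_folder = $rbacreview->getRolesOfRoleFolder($rolf_id);

        foreach ($stop_inherit_roles as $stop_inherit)
        {
            // create role entries for roles with stopped inheritance
            if (!in_array($stop_inherit,$roles_of_folder))
            {
                $parentRoles = $rbacreview->getParentRoleIds($rolf_id);
                $rbacadmin->copyRoleTemplatePermissions($stop_inherit,$parentRoles[$stop_inherit]["parent"],
                    $rolf_id,$stop_inherit);
                $rbacadmin->assignRoleToFolder($stop_inherit,$rolf_id,'n');
            }
        }
    }

    if ($rolf_id  and $rolf_id != ROLE_FOLDER_ID)
    {
        // get roles for which the stopped inheritance was cancelled
        $linked_roles = $rbacreview->getLinkedRolesOfRoleFolder($rolf_id);
        $linked_roles_to_remove = array_diff($linked_roles,$stop_inherit_roles);

        // Only delete local policies for filtered roles
        $linked_roles_to_remove = (array) array_intersect(
            (array) $linked_roles_to_remove,
            (array) array_keys($this->roles));

        // remove roles where stopped inheritance is cancelled and purge rolefolder if empty
        foreach ($linked_roles_to_remove as $role_id)
        {
            if ($rbacreview->isProtected($rolf_id,$role_id))
            {
                continue;
            }

            $role_obj =& $this->ilias->obj_factory->getInstanceByObjId($role_id);
            $role_obj->setParent($rolf_id);
            $role_obj->delete();
            unset($role_obj);
        }
    }

    ilUtil::sendInfo($this->lng->txt("saved_successfully"),true);

    // redirect to default page if user revokes himself access to the permission panel
    if (!$rbacsystem->checkAccess("edit_permission",$ref_id))
    {
        $this->ctrl->redirect($this->gui_obj);
        // Do not fall through to the permission screen if redirect() returns.
        return;
    }

    $this->ctrl->redirect($this,'perm');
}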
00342 
00343 
00344 
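/**
 * Create a new local role from the posted "Fobject" form data in the role
 * folder of the current object, creating that role folder first if needed,
 * then redirect to the permission screen.
 *
 * NOTE(review): title and description are stored as posted; perm() prints
 * role titles without escaping, so confirm where they are sanitized.
 */
function addRole()
{
    global $rbacreview;

    // Fix: accept only string values; the original passed whatever shape the
    // request supplied (for example an array) into substr(), strlen() and
    // createRole().
    $title = (isset($_POST["Fobject"]["title"]) && is_string($_POST["Fobject"]["title"]))
        ? $_POST["Fobject"]["title"] : "";
    $desc = (isset($_POST["Fobject"]["desc"]) && is_string($_POST["Fobject"]["desc"]))
        ? $_POST["Fobject"]["desc"] : "";

    // The il_ prefix is reserved. Each rejection returns explicitly so that
    // validation does not depend on raiseError() ending the request.
    if (substr($title,0,3) == "il_")
    {
        $this->ilias->raiseError($this->lng->txt("msg_role_reserved_prefix"),$this->ilias->error_obj->MESSAGE);
        return;
    }
    if(!strlen($title))
    {
        $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"),$this->ilias->error_obj->MESSAGE);
        return;
    }

    if ($this->gui_obj->object->getType() == "rolf")
    {
        // Current object is already a rolefolder: create the role in it.
        $rfoldObj =& $this->gui_obj->object;
    }
    else
    {
        // the current object is no role folder, so find or create one
        $rolf_data = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());

        // is there already a rolefolder?
        if (!($rolf_id = $rolf_data["child"]))
        {
            // can the current object contain a rolefolder?
            $subobjects = $this->objDefinition->getSubObjects($this->gui_obj->object->getType());

            if (!isset($subobjects["rolf"]))
            {
                $this->ilias->raiseError($this->lng->txt("msg_no_rolf_allowed1")." '".$this->gui_obj->object->getTitle()."' ".
                    $this->lng->txt("msg_no_rolf_allowed2"),$this->ilias->error_obj->WARNING);
                return;
            }

            // create a rolefolder
            $rolfObj = $this->gui_obj->object->createRoleFolder();
            $rolf_id = $rolfObj->getRefId();
        }

        $rfoldObj = $this->ilias->obj_factory->getInstanceByRefId($rolf_id);
    }

    // create role
    $rfoldObj->createRole($title,$desc);

    ilUtil::sendInfo($this->lng->txt("role_added"),true);

    // A jump to the default permission settings of the new role was tried in
    // administration, but (alex, ILIAS 3.6.5, 1.9.2006) it led to errors in
    // a) administration -> repository trash & permissions -> item ->
    //    permissions -> "you may add role" screen -> save
    // b) other modules like learning modules -> permissions ->
    //    "you may add role" screen
    // and was deactivated for 3.6.6; always return to the permission screen.
    $this->ctrl->redirect($this,'perm');
}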
00424 
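/**
 * Create an empty table GUI object.
 *
 * @return object new ilTableGUI instance
 */
function &__initTableGUI()
{
    include_once "./Services/Table/classes/class.ilTableGUI.php";

    // Fix: this function returns by reference, so hand back a variable;
    // returning the "new" expression directly raises a PHP notice.
    $tbl = new ilTableGUI(0,false);

    return $tbl;
}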
00431         
/**
 * Apply sorting, paging, footer and data to a table GUI object.
 *
 * NOTE(review): offset, sort_by, sort_order and limit are passed on from
 * $_GET unvalidated; confirm that the table class restricts the sort column
 * and direction and treats the paging values as integers before they reach
 * a query or the page.
 *
 * @param object $tbl        table GUI object to configure
 * @param array  $result_set rows handed to the table via setData()
 * @param string $a_from     calling context; "clipboardObject" hides the footer
 */
function __setTableGUIBasicData(&$tbl,&$result_set,$a_from = "")
{
    // Both contexts read the same sorting and paging values from the query string.
    $offset = $_GET["offset"];
    $order = $_GET["sort_by"];
    $direction = $_GET["sort_order"];

    // Only the clipboard context switches the footer off.
    if ($a_from == "clipboardObject")
    {
        $tbl->disable("footer");
    }

    $tbl->setOrderColumn($order);
    $tbl->setOrderDirection($direction);
    $tbl->setOffset($offset);
    $tbl->setLimit($_GET["limit"]);
    $tbl->setFooter("tblfooter",$this->lng->txt("previous"),$this->lng->txt("next"));
    $tbl->setData($result_set);
}
00462         
00463 
/**
 * Build the role filter select box, preselecting the filter stored in the
 * session.
 *
 * @return mixed result of ilUtil::formSelect() for the field "filter"
 */
function __buildRoleFilterSelect()
{
    // filter id => language variable of its label
    $filter_labels = array(
        1 => 'filter_all_roles',
        2 => 'filter_global_roles',
        3 => 'filter_local_roles',
        4 => 'filter_roles_local_policy',
        5 => 'filter_local_roles_object'
    );

    $action = array();
    foreach ($filter_labels as $filter_id => $lang_var)
    {
        $action[$filter_id] = $this->lng->txt($lang_var);
    }

    return ilUtil::formSelect($_SESSION['perm_filtered_roles'],"filter",$action,false,true);
}
00474         
/**
 * Reduce a role list according to the selected role filter.
 *
 * Filter values: 1 = all roles in context, 2 = only global roles,
 * 3 = only local roles (not defined at ROLE_FOLDER_ID), 4 = only roles that
 * use a local policy, 5 = only true local roles defined at the current
 * position. Any other value leaves the list unchanged.
 *
 * @param array $a_roles  roles keyed by role id
 * @param mixed $a_filter filter id, compared loosely
 * @return array the remaining roles; empty for filters 4 and 5 when the
 *               current object has no role folder
 */
function __filterRoles($a_roles,$a_filter)
{
    global $rbacreview;

    // Each branch only decides which role ids have to go; they are removed
    // in one place below.
    switch ($a_filter)
    {
        case 1: // all roles in context
            return $a_roles;

        case 2: // only global roles: drop every role that is not global
            $arr_remove_roles = array_diff(array_keys($a_roles),$rbacreview->getGlobalRoles());
            break;

        case 3: // only local roles: drop the global ones
            $arr_remove_roles = $rbacreview->getGlobalRoles();
            break;

        case 4: // only roles which use a local policy
        case 5: // only true local roles defined at the current position
            $role_folder = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());

            if (!$role_folder)
            {
                return array();
            }

            if ($a_filter == 4)
            {
                $arr_local_roles = $rbacreview->getRolesOfRoleFolder($role_folder["ref_id"]);
            }
            else
            {
                $arr_local_roles = $rbacreview->getRolesOfRoleFolder($role_folder["ref_id"],false);
            }

            $arr_remove_roles = array_diff(array_keys($a_roles),$arr_local_roles);
            break;

        default: // unknown filter: keep everything
            $arr_remove_roles = array();
            break;
    }

    foreach ($arr_remove_roles as $role_id)
    {
        unset($a_roles[$role_id]);
    }

    return $a_roles;
}
00550 
00551         // show owner sub tab
/**
 * Render the "owner" sub tab: shows the login of the current owner and the
 * form for changing it.
 *
 * NOTE(review): the login is written into the template as returned by
 * _lookupLogin(); confirm it is escaped there or by the template.
 */
function owner()
{
    global $ilObjDataCache,$ilUser;

    $this->__initSubTabs("owner");

    $this->tpl->addBlockfile('ADM_CONTENT','adm_content','tpl.obj_owner.html');

    // template placeholder => value, filled in the order listed
    $placeholders = array(
        "FORMACTION" => $this->ctrl->getFormAction($this),
        "USERNAME" => ilObjUser::_lookupLogin($this->gui_obj->object->getOwner()),
        "TBL_TITLE_IMG" => ilUtil::getImagePath('icon_usr.gif'),
        "TBL_TITLE_IMG_ALT" => $this->lng->txt('owner'),
        "TBL_TITLE" => $this->lng->txt('info_owner_of_object'),
        "BTN_CHOWN" => $this->lng->txt('change_owner'),
        "TXT_USERNAME" => $this->lng->txt('username'),
        "CHOWN_WARNING" => $this->lng->txt('chown_warning')
    );

    foreach ($placeholders as $placeholder => $value)
    {
        $this->tpl->setVariable($placeholder,$value);
    }
}
00569         
/**
 * Transfer ownership of the current object to the user whose login was
 * posted in the "owner" field.
 *
 * NOTE(review): the only authorization visible for this command is the
 * edit_permission check in executeCommand(), and no request token is
 * checked here; confirm both are sufficient for an ownership transfer.
 *
 * @return bool always true
 */
function changeOwner()
{
    global $rbacsystem,$ilErr,$ilObjDataCache;

    // Resolve the posted login; an unknown login redisplays the owner form.
    $user_id = ilObjUser::_lookupId($_POST['owner']);
    if (!$user_id)
    {
        ilUtil::sendInfo($this->lng->txt('user_not_known'));
        $this->owner();
        return true;
    }

    $this->gui_obj->object->setOwner($user_id);
    $this->gui_obj->object->updateOwner();
    // Drop the cached entry of this object after the owner change.
    $ilObjDataCache->deleteCachedEntry($this->gui_obj->object->getId());
    ilUtil::sendInfo($this->lng->txt('owner_updated'),true);

    // Re-check access after the change: without edit_permission the user is
    // sent to the object itself instead of back to the owner tab.
    $may_still_edit = $rbacsystem->checkAccess("edit_permission",$this->gui_obj->object->getRefId());
    if ($may_still_edit)
    {
        $this->ctrl->redirect($this,'owner');
    }
    else
    {
        $this->ctrl->redirect($this->gui_obj);
    }

    return true;
}
00596         
00597         // init permission query feature
/**
 * Render the "info" sub tab with the output of ilObjectStatusGUI for the
 * current object.
 */
function info()
{
    $this->__initSubTabs("info");

    include_once('classes/class.ilObjectStatusGUI.php');

    // The status GUI produces the HTML for the whole content area.
    $status_gui = new ilObjectStatusGUI($this->gui_obj->object);
    $status_html = $status_gui->getHTML();

    $this->tpl->setVariable("ADM_CONTENT",$status_html);
}
00608         
00609         // init sub tabs
/**
 * Register the three sub tabs of the permission screen and mark the one
 * belonging to the given command as active.
 *
 * @param string $a_cmd command of the active sub tab: 'perm', 'info' or 'owner'
 */
function __initSubTabs($a_cmd)
{
    global $ilTabs;

    // sub tab text => command that the tab links to, in display order
    $sub_tabs = array(
        "permission_settings" => "perm",
        "info_status_info" => "info",
        "owner" => "owner"
    );

    foreach ($sub_tabs as $tab_text => $tab_cmd)
    {
        // The last argument is true only for the tab of the current command.
        $ilTabs->addSubTabTarget($tab_text, $this->ctrl->getLinkTarget($this, $tab_cmd),
            "", "", "", $a_cmd == $tab_cmd);
    }
}
00625         
00626         function getRolesData()
00627         {
00628                 global $rbacsystem, $rbacreview;
00629 
00630                 // first get all roles in
00631                 $roles = $rbacreview->getParentRoleIds($this->gui_obj->object->getRefId());
00632 
00633                 // filter roles
00634                 $_SESSION['perm_filtered_roles'] = isset($_POST['filter']) ? $_POST['filter'] : $_SESSION['perm_filtered_roles'];
00635 
00636                 // set default filter (all roles) if no filter is set
00637                 if ($_SESSION['perm_filtered_roles'] == 0)
00638         {
00639                 $_SESSION['perm_filtered_roles'] = 1;
00640         }
00641         
00642                 // remove filtered roles from array
00643         $roles = $this->__filterRoles($roles,$_SESSION["perm_filtered_roles"]);
00644 
00645                 // determine status of each role (local role, changed policy, protected)
00646 
00647                 $role_folder = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
00648                 
00649                 $local_roles = array();
00650 
00651                 if (!empty($role_folder))
00652                 {
00653                         $local_roles = $rbacreview->getRolesOfRoleFolder($role_folder["ref_id"]);
00654                 }
00655 
00656                 foreach ($roles as $key => $role)
00657                 {
00658                         // exclude system admin role from list
00659                         if ($role["obj_id"] == SYSTEM_ROLE_ID)
00660                         {
00661                                 unset($roles[$key]);
00662                                 continue;
00663                         }
00664                         
00665                         $this->roles[$role['obj_id']] = $role;
00666 
00667                         // don't allow local policies for protected roles
00668                         $this->roles[$role['obj_id']]['keep_protected'] = $rbacreview->isProtected($role['parent'],$role['obj_id']);
00669 
00670                         if (!in_array($role["obj_id"],$local_roles))
00671                         {
00672                                 $this->roles[$role['obj_id']]['local_policy_enabled'] = false;
00673                                 $this->roles[$role['obj_id']]['local_policy_allowed'] = true;
00674                         }
00675                         else
00676                         {
00677                                 // no checkbox for local roles
00678                                 if ($rbacreview->isAssignable($role["obj_id"],$role_folder["ref_id"]))
00679                                 {
00680                                         $this->roles[$role['obj_id']]['local_policy_allowed'] = false;
00681                                 }
00682                                 else
00683                                 {
00684                                         $this->roles[$role['obj_id']]['local_policy_enabled'] = true;
00685                                         $this->roles[$role['obj_id']]['local_policy_allowed'] = true;
00686                                 }
00687                         }
00688 
00689                         // compute permission settings for each role
00690                         $grouped_ops = ilRbacReview::_groupOperationsByClass(ilRbacReview::_getOperationList($this->gui_obj->object->getType()));
00691 
00692                         foreach ($grouped_ops as $ops_group => $ops_data)
00693                         {
00694                                 foreach ($ops_data as $key => $operation)
00695                                 {
00696                                         $grouped_ops[$ops_group][$key]['checked'] = $rbacsystem->checkPermission($this->gui_obj->object->getRefId(), $role['obj_id'], $operation['name']);
00697                                 }
00698                         }
00699                         
00700                         $this->roles[$role['obj_id']]['permissions'] = $grouped_ops;
00701                         unset($grouped_ops);
00702                 }
00703         }
00704         
00705         function __displayAddRoleForm()
00706         {
00707                 // do not display this option for admin section and root node
00708                 $object_types_exclude = array("adm","root","mail","objf","lngf","trac","taxf","auth", "assf",'seas','extt','adve');
00709 
00710                 if (!in_array($this->gui_obj->object->getType(),$object_types_exclude) and $this->gui_obj->object->getRefId() != ROLE_FOLDER_ID)
00711                 {
00712                         $this->tpl->addBlockFile("PERM_ADD_ROLE", "add_local_roles", "tpl.obj_perm_add_role.html");
00713 
00714                         // fill in saved values in case of error
00715                         $data = array();
00716                         $data["fields"] = array();
00717                         $data["fields"]["title"] = $_SESSION["error_post_vars"]["Fobject"]["title"];
00718                         $data["fields"]["desc"] = $_SESSION["error_post_vars"]["Fobject"]["desc"];
00719 
00720                         foreach ($data["fields"] as $key => $val)
00721                         {
00722                                 $this->tpl->setVariable("TXT_LR_".strtoupper($key), $this->lng->txt($key));
00723                                 $this->tpl->setVariable(strtoupper($key), $val);
00724                         }
00725 
00726                         $this->tpl->setVariable("FORMACTION_LR",$this->gui_obj->getFormAction("addRole", $this->ctrl->getLinkTarget($this, "addRole")));
00727                         $this->tpl->setVariable("TXT_LR_HEADER", $this->lng->txt("you_may_add_local_roles"));
00728                         $this->tpl->setVariable("TXT_ADD_ROLE", $this->lng->txt("role_add_local"));
00729                         $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
00730                 }
00731         }
00732         
00733         function __showPermissionsGeneralSection()
00734         {
00735                 $this->tpl->setCurrentBlock("perm_subtitle");
00736                 $this->tpl->setVariable("TXT_PERM_CLASS",$this->lng->txt('perm_class_general'));
00737                 $this->tpl->setVariable("TXT_PERM_CLASS_DESC",$this->lng->txt('perm_class_general_desc'));
00738                 $this->tpl->setVariable("COLSPAN", $this->num_roles);
00739                 $this->tpl->parseCurrentBlock();
00740 
00741                 foreach ($this->roles as $role)
00742                 {
00743                         foreach ($role['permissions']['general'] as $perm)
00744                         {
00745                                 // exclude delete permission for all role_folders expect main ROLE_FOLDER_ID
00746                                 if ($perm['name'] == 'delete' and $this->gui_obj->object->getType() == 'rolf' and $this->gui_obj->object->getRefId() != ROLE_FOLDER_ID)
00747                                 {
00748                                         continue;
00749                                 }
00750                                 
00751                                 $box = ilUtil::formCheckBox($perm['checked'],"perm[".$role["obj_id"]."][]",$perm["ops_id"],$role["protected"]);
00752 
00753                                 $this->tpl->setCurrentBlock("perm_item");
00754                                 $this->tpl->setVariable("PERM_CHECKBOX",$box);
00755                                 $this->tpl->setVariable("PERM_NAME",$this->lng->txt($perm['name']));
00756                                 $this->tpl->setVariable("PERM_TOOLTIP",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00757                                 $this->tpl->setVariable("PERM_LABEL",'perm_'.$role['obj_id'].'_'.$perm['ops_id']);
00758                                 $this->tpl->parseCurrentBlock();
00759                         }
00760 
00761                         $this->tpl->setCurrentBlock("perm_table");
00762                         $this->tpl->parseCurrentBlock();        
00763                 }
00764 
00765                 $this->tpl->setCurrentBlock("perm_settings");
00766                 $this->tpl->parseCurrentBlock();
00767         }
00768         
00769         function __showPermissionsObjectSection()
00770         {
00771                 // create pointer to first role (only the permission list is needed)
00772                 reset($this->roles);
00773                 $first_role =& current($this->roles);
00774 
00775                 if (count($first_role['permissions']['object'])) // check if object type has special operations
00776                 {
00777                         $this->tpl->setCurrentBlock("perm_subtitle");
00778                         $this->tpl->setVariable("TXT_PERM_CLASS",$this->lng->txt('perm_class_object'));
00779                         $this->tpl->setVariable("TXT_PERM_CLASS_DESC",$this->lng->txt('perm_class_object_desc'));
00780                         $this->tpl->setVariable("COLSPAN", $this->num_roles);
00781                         $this->tpl->parseCurrentBlock();
00782         
00783                         foreach ($this->roles as $role)
00784                         {
00785                                 foreach ($role['permissions']['object'] as $perm)
00786                                 {
00787                                         $box = ilUtil::formCheckBox($perm['checked'],"perm[".$role["obj_id"]."][]",$perm["ops_id"],$role["protected"]);
00788         
00789                                         $this->tpl->setCurrentBlock("perm_item");
00790                                         $this->tpl->setVariable("PERM_CHECKBOX",$box);
00791                                         $this->tpl->setVariable("PERM_NAME",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00792                                         $this->tpl->setVariable("PERM_TOOLTIP",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00793                                         $this->tpl->setVariable("PERM_LABEL",'perm_'.$role['obj_id'].'_'.$perm['ops_id']);
00794                                         $this->tpl->parseCurrentBlock();
00795                                 }
00796         
00797                                 $this->tpl->setCurrentBlock("perm_table");
00798                                 $this->tpl->parseCurrentBlock();        
00799                         }                                                               
00800         
00801                         $this->tpl->setCurrentBlock("perm_settings");
00802                         $this->tpl->parseCurrentBlock();
00803                 }
00804         }
00805         
00806         function __showPermissionsRBACSection()
00807         {
00808                 $this->tpl->setCurrentBlock("perm_subtitle");
00809                 $this->tpl->setVariable("TXT_PERM_CLASS",$this->lng->txt('perm_class_rbac'));
00810                 $this->tpl->setVariable("TXT_PERM_CLASS_DESC",$this->lng->txt('perm_class_rbac_desc'));
00811                 $this->tpl->setVariable("COLSPAN", $this->num_roles);
00812                 $this->tpl->parseCurrentBlock();
00813 
00814                 foreach ($this->roles as $role)
00815                 {
00816                         foreach ($role['permissions']['rbac'] as $perm)
00817                         {
00818                                 $box = ilUtil::formCheckBox($perm['checked'],"perm[".$role["obj_id"]."][]",$perm["ops_id"],$role["protected"]);
00819 
00820                                 $this->tpl->setCurrentBlock("perm_item");
00821                                 $this->tpl->setVariable("PERM_CHECKBOX",$box);
00822                                 $this->tpl->setVariable("PERM_NAME",$this->lng->txt('perm_administrate'));
00823                                 $this->tpl->setVariable("PERM_TOOLTIP",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00824                                 $this->tpl->setVariable("PERM_LABEL",'perm_'.$role['obj_id'].'_'.$perm['ops_id']);
00825                                 $this->tpl->parseCurrentBlock();
00826                         }
00827 
00828                         // use local policy flag
00829                         // offer option 'use local policy' only to those objects where this option is permitted
00830                         if ($this->objDefinition->stopInheritance($this->gui_obj->object->getType()))
00831                         {
00832                                 if ($role['local_policy_allowed'])
00833                                 {
00834                                         $box = ilUtil::formCheckBox($role['local_policy_enabled'],'stop_inherit[]',$role['obj_id'],$role['keep_protected']);
00835                                         $lang = $this->lng->txt("perm_use_local_policy")." (".
00836                                                 $this->lng->txt("stop_inheritance").")";
00837                                         $lang_desc = $this->lng->txt("perm_use_local_policy_desc");
00838                                 }
00839                                 else
00840                                 {
00841                                         $box = '&nbsp;';
00842                                         $lang = $this->lng->txt("perm_local_role");
00843                                         $lang_desc = $this->lng->txt("perm_local_role_desc");
00844                                 }
00845                                 
00846                                 $this->tpl->setCurrentBlock("perm_item");
00847                                 $this->tpl->setVariable("PERM_CHECKBOX",$box);
00848                                 $this->tpl->setVariable("PERM_NAME",$lang);
00849                                 $this->tpl->setVariable("PERM_TOOLTIP",$lang_desc);
00850                                 $this->tpl->setVariable("PERM_LABEL",'stop_inherit_'.$role['obj_id']);
00851                                 $this->tpl->parseCurrentBlock();
00852                         }
00853         
00854                                 $this->tpl->setCurrentBlock("perm_table");
00855                                 $this->tpl->parseCurrentBlock();        
00856                 }
00857 
00858                 $this->tpl->setCurrentBlock("perm_settings");
00859                 $this->tpl->parseCurrentBlock();
00860         }
00861         
00862         function __showPermissionsCreateSection()
00863         {
00864                 // no create operation for roles/role templates in local role folders
00865                 // access is controlled by 'administrate' (change permission settings) only
00866                 if ($this->gui_obj->object->getType() == 'rolf' and $this->gui_obj->object->getRefId() != ROLE_FOLDER_ID)
00867                 {
00868                         return;
00869                 }
00870                 
00871                 // create pointer to first role (only the permission list is needed)
00872                 reset($this->roles);
00873                 $first_role =& current($this->roles);
00874 
00875                 if (count($first_role['permissions']['create'])) // check if object type has create operations
00876                 {
00877                         $this->tpl->setCurrentBlock("perm_subtitle");
00878                         $this->tpl->setVariable("TXT_PERM_CLASS",$this->lng->txt('perm_class_create'));
00879                         $this->tpl->setVariable("TXT_PERM_CLASS_DESC",$this->lng->txt('perm_class_create_desc'));
00880                         $this->tpl->setVariable("COLSPAN", $this->num_roles);
00881                         $this->tpl->parseCurrentBlock();
00882                         
00883                         // add a checkbox 'select all' for create permissions of the following object types
00884                         $container_arr = array('cat','grp','crs','fold');
00885                         
00886                         if (in_array($this->gui_obj->object->getType(),$container_arr))
00887                         {
00888                                 $chk_toggle_create = true;
00889                         }
00890         
00891                         foreach ($this->roles as $role)
00892                         {
00893                                 $ops_ids = array();
00894                                 
00895                                 foreach ($role['permissions']['create'] as $perm)
00896                                 {
00897                                         $ops_ids[] = $perm['ops_id'];
00898                                 }
00899                                 
00900                                 if ($chk_toggle_create)
00901                                 {
00902                                         $this->tpl->setCurrentBlock('chk_toggle_create');
00903                                         $this->tpl->setVariable('PERM_NAME',$this->lng->txt('check_all')."/".$this->lng->txt('uncheck_all'));
00904                                         $this->tpl->setVariable('PERM_TOOLTIP',$this->lng->txt('check_all'));
00905                                         $this->tpl->setVariable('ROLE_ID',$role['obj_id']);
00906                                         $this->tpl->setVariable('JS_VARNAME','perm_'.$role['obj_id']);
00907                                         $this->tpl->setVariable('JS_ONCLICK',ilUtil::array_php2js($ops_ids));
00908                                         $this->tpl->parseCurrentBlock();
00909                                 }                               
00910                                 
00911                                 foreach ($role['permissions']['create'] as $perm)
00912                                 {
00913                                         if ($perm["name"] == "create_icrs" and !$this->ilias->getSetting("ilinc_active"))
00914                                         {
00915                                                 continue;
00916                                         }
00917 
00918                                         $box = ilUtil::formCheckBox($perm['checked'],"perm[".$role["obj_id"]."][]",$perm["ops_id"],$role["protected"]);
00919         
00920                                         $this->tpl->setCurrentBlock("perm_item");
00921                                         $this->tpl->setVariable("PERM_CHECKBOX",$box);
00922                                         $this->tpl->setVariable("PERM_NAME",$this->lng->txt("obj".substr($perm['name'],6)));
00923                                         $this->tpl->setVariable("PERM_TOOLTIP",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00924                                         $this->tpl->setVariable("PERM_LABEL",'perm_'.$role['obj_id'].'_'.$perm['ops_id']);
00925                                         $this->tpl->parseCurrentBlock();
00926                                 }
00927         
00928                                 $this->tpl->setCurrentBlock("perm_table");
00929                                 $this->tpl->parseCurrentBlock();        
00930                         }
00931         
00932                         $this->tpl->setCurrentBlock("perm_settings");
00933                         $this->tpl->parseCurrentBlock();
00934                 }
00935         }
00936 } // END class.ilPermissionGUI
00937 ?>
