ILIAS Release_3_9_x_branch .rev 46835: classes/class.ilObjRoleGUI.php Source File

Go to the documentation of this file.
00001 <?php
00002 /*
00003         +-----------------------------------------------------------------------------+
00004         | ILIAS open source                                                           |
00005         +-----------------------------------------------------------------------------+
00006         | Copyright (c) 1998-2001 ILIAS open source, University of Cologne            |
00007         |                                                                             |
00008         | This program is free software; you can redistribute it and/or               |
00009         | modify it under the terms of the GNU General Public License                 |
00010         | as published by the Free Software Foundation; either version 2              |
00011         | of the License, or (at your option) any later version.                      |
00012         |                                                                             |
00013         | This program is distributed in the hope that it will be useful,             |
00014         | but WITHOUT ANY WARRANTY; without even the implied warranty of              |
00015         | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               |
00016         | GNU General Public License for more details.                                |
00017         |                                                                             |
00018         | You should have received a copy of the GNU General Public License           |
00019         | along with this program; if not, write to the Free Software                 |
00020         | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. |
00021         +-----------------------------------------------------------------------------+
00022 */
00023 
00024 require_once "class.ilObjectGUI.php";
00025 
00038 class ilObjRoleGUI extends ilObjectGUI
00039 {
00045         var $type;
00046 
00052         var $rolf_ref_id;
00053 
00054 
00055         var $ctrl;
00056  
00061         function ilObjRoleGUI($a_data,$a_id,$a_call_by_reference = false,$a_prepare_output = true)
00062         {
00063                 global $tree,$lng;
00064                 
00065                 $lng->loadLanguageModule('rbac');
00066                 
00067                 //TODO: move this to class.ilias.php
00068                 define("USER_FOLDER_ID",7);
00069 
00070                 // copy ref_id for later use.
00071                 if ($_GET['rolf_ref_id'] != "")
00072                 {
00073                         $this->rolf_ref_id = $_GET['rolf_ref_id'];
00074                 }
00075                 else
00076                 {
00077                         $this->rolf_ref_id = $_GET['ref_id'];
00078                 }
00079                 
00080                 // Add ref_id of object that contains this role folder
00081                 $this->obj_ref_id = $tree->getParentId($this->rolf_ref_id);
00082 
00083                 $this->type = "role";
00084                 $this->ilObjectGUI($a_data,$a_id,$a_call_by_reference,false);
00085                 $this->ctrl->saveParameter($this, array("obj_id", "rolf_ref_id"));
00086         }
00087 
00088 
00089         function &executeCommand()
00090         {
00091                 global $rbacsystem;
00092 
00093                 // todo: clean this mess up, but note that there are several
00094                 // points where roles can be edited:
00095                 // - repository categories, courses, groups, learning modules
00096                 // glossaries (see object.xml)
00097                 // - administration -> repository trash and permissions ->
00098                 //   item ->edit role
00099                 // - administration -> repository trash and permissions ->
00100                 //   role folder -> role
00101                 // - administration -> roles -> role
00102                 if($this->ctrl->getTargetScript() == 'repository.php' ||
00103                         $this->ctrl->getTargetScript() == 'role.php' ||
00104                         $this->ctrl->getTargetScript() == 'fblm_edit.php' ||
00105                         $this->ctrl->getTargetScript() == 'chat.php' ||
00106                         strtolower($_GET["baseClass"]) == 'ilchathandlergui' ||
00107                         strtolower($_GET["baseClass"]) == 'illmeditorgui' ||
00108                         strtolower($_GET["baseClass"]) == 'ilexercisehandlergui' ||
00109                         strtolower($_GET["baseClass"]) == 'illinkresourcehandlergui' ||
00110                         strtolower($_GET["baseClass"]) == 'ilsahseditgui' ||
00111                         strtolower($_GET["baseClass"]) == 'ilobjsurveygui' ||
00112                         strtolower($_GET["baseClass"]) == 'ilmediapoolpresentation' ||
00113                         strtolower($_GET["baseClass"]) == 'ilobjsurveyquestionpoolgui' ||
00114                         strtolower($_GET["baseClass"]) == 'ilobjtestgui' ||
00115                         strtolower($_GET["baseClass"]) == 'ilobjquestionpoolgui' ||
00116                         strtolower($_GET["baseClass"]) == 'ilglossaryeditorgui' ||
00117                         $_GET["admin_mode"] == "repository")
00118                 {
00119                         $this->__prepareOutput();
00120                 }
00121                 else
00122                 {
00123                         if ($_GET["ref_id"] != SYSTEM_FOLDER_ID)
00124                         {
00125                                 $this->prepareOutput();
00126                         }
00127                         else
00128                         {
00129                                 $this->setAdminTabs();
00130                                 //$this->addAdminLocatorItems();
00131                                 //$tpl->setLocator();
00132                         }
00133                 }
00134 
00135                 $next_class = $this->ctrl->getNextClass($this);
00136                 $cmd = $this->ctrl->getCmd();
00137 
00138                 switch($next_class)
00139                 {
00140                         default:
00141                                 if(!$cmd)
00142                                 {
00143                                         $cmd = "perm";
00144                                 }
00145                                 $cmd .= "Object";
00146                                 $this->$cmd();
00147                                         
00148                                 break;
00149                 }
00150 
00151                 return true;
00152         }
00153         
00157         function setBackTarget($a_text, $a_link)
00158         {
00159                 $this->back_target = array("text" => $a_text,
00160                         "link" => $a_link);
00161         }
00162         
00166         function getAdminTabs(&$tabs_gui)
00167         {
00168                 $this->getTabs($tabs_gui);
00169         }
00170 
00171 
00172         function listDesktopItemsObject()
00173         {
00174                 global $rbacsystem,$rbacreview,$tree;
00175 
00176                 #if(!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
00177                 if(!$this->checkAccess('edit_permission'))
00178                 {
00179                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00180                 }
00181 
00182                 if(!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
00183                         $this->rolf_ref_id != ROLE_FOLDER_ID)
00184                 {
00185                         ilUtil::sendInfo($this->lng->txt('role_no_users_no_desk_items'));
00186                         return true;
00187                 }
00188 
00189 
00190                 include_once './classes/class.ilRoleDesktopItem.php';
00191                 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
00192 
00193                 if($rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00194                 {
00195                         $this->__showButton('selectDesktopItem',$this->lng->txt('role_desk_add'));
00196                 }
00197                 if(!count($items = $role_desk_item_obj->getAll()))
00198                 {
00199                         ilUtil::sendInfo($this->lng->txt('role_desk_none_created'));
00200                         return true;
00201                 }
00202                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_list.html");
00203                 $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
00204                 $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.gif'));
00205                 $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
00206                 $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
00207                 $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
00208                 $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
00209                 $this->tpl->setVariable("IMG_ARROW",ilUtil::getImagePath('arrow_downright.gif'));
00210 
00211                 $counter = 0;
00212 
00213                 foreach($items as $role_item_id => $item)
00214                 {
00215                         $tmp_obj = ilObjectFactory::getInstanceByRefId($item['item_id']);
00216                         
00217                         if(strlen($desc = $tmp_obj->getDescription()))
00218                         {
00219                                 $this->tpl->setCurrentBlock("description");
00220                                 $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
00221                                 $this->tpl->parseCurrentBlock();
00222                         }
00223                         $this->tpl->setCurrentBlock("desk_row");
00224                         $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
00225                         $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
00226                         $this->tpl->setVariable("CHECK_DESK",ilUtil::formCheckBox(0,'del_desk_item[]',$role_item_id));
00227                         $this->tpl->setVariable("TXT_PATH",$this->lng->txt('path').':');
00228                         $this->tpl->setVariable("PATH",$this->__formatPath($tree->getPathFull($item['item_id'])));
00229                         $this->tpl->parseCurrentBlock();
00230                 }
00231 
00232                 return true;
00233         }
00234 
00235         function askDeleteDesktopItemObject()
00236         {
00237                 global $rbacsystem;
00238                 
00239                 
00240                 #if(!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
00241                 if(!$this->checkAccess('edit_permission'))
00242                 {
00243                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00244                 }
00245                 if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00246                 {
00247                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00248                 }
00249                 if(!count($_POST['del_desk_item']))
00250                 {
00251                         ilUtil::sendInfo($this->lng->txt('role_select_one_item'));
00252 
00253                         $this->listDesktopItemsObject();
00254 
00255                         return true;
00256                 }
00257                 ilUtil::sendInfo($this->lng->txt('role_sure_delete_desk_items'));
00258                 
00259                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_ask_delete_desktop_item.html");
00260                 $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
00261                 $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.gif'));
00262                 $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
00263                 $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
00264                 $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
00265                 $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
00266                 $this->tpl->setVariable("BTN_CANCEL",$this->lng->txt('cancel'));
00267 
00268                 include_once './classes/class.ilRoleDesktopItem.php';
00269 
00270                 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
00271 
00272                 $counter = 0;
00273 
00274                 foreach($_POST['del_desk_item'] as $role_item_id)
00275                 {
00276                         $item_data = $role_desk_item_obj->getItem($role_item_id);
00277                         $tmp_obj =& ilObjectFactory::getInstanceByRefId($item_data['item_id']);
00278 
00279                         if(strlen($desc = $tmp_obj->getDescription()))
00280                         {
00281                                 $this->tpl->setCurrentBlock("description");
00282                                 $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
00283                                 $this->tpl->parseCurrentBlock();
00284                         }
00285                         $this->tpl->setCurrentBlock("desk_row");
00286                         $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
00287                         $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
00288                         $this->tpl->parseCurrentBlock();
00289                 }
00290 
00291                 $_SESSION['role_del_desk_items'] = $_POST['del_desk_item'];
00292 
00293                 return true;
00294         }
00295 
00296         function deleteDesktopItemsObject()
00297         {
00298                 global $rbacsystem;
00299                 
00300                 #if (!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
00301                 if(!$this->checkAccess('edit_permission'))
00302                 {
00303                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00304                 }
00305 
00306                 if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00307                 {
00308                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00309                 }
00310 
00311                 if (!count($_SESSION['role_del_desk_items']))
00312                 {
00313                         ilUtil::sendInfo($this->lng->txt('role_select_one_item'));
00314 
00315                         $this->listDesktopItemsObject();
00316 
00317                         return true;
00318                 }
00319 
00320                 include_once './classes/class.ilRoleDesktopItem.php';
00321 
00322                 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
00323 
00324                 foreach ($_SESSION['role_del_desk_items'] as $role_item_id)
00325                 {
00326                         $role_desk_item_obj->delete($role_item_id);
00327                 }
00328 
00329                 ilUtil::sendInfo($this->lng->txt('role_deleted_desktop_items'));
00330                 $this->listDesktopItemsObject();
00331 
00332                 return true;
00333         }
00334 
00335 
00336         function selectDesktopItemObject()
00337         {
00338                 global $rbacsystem,$tree;
00339 
00340                 include_once './classes/class.ilRoleDesktopItemSelector.php';
00341                 include_once './classes/class.ilRoleDesktopItem.php';
00342 
00343                 if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00344                 {
00345                         #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00346                         ilUtil::sendInfo($this->lng->txt('permission_denied'));
00347                         $this->listDesktopItemsObject();
00348                         return false;
00349                 }
00350 
00351                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_selector.html");
00352                 $this->__showButton('listDesktopItems',$this->lng->txt('back'));
00353 
00354                 ilUtil::sendInfo($this->lng->txt("role_select_desktop_item"));
00355                 
00356                 $exp = new ilRoleDesktopItemSelector($this->ctrl->getLinkTarget($this,'selectDesktopItem'),
00357                                                                                          new ilRoleDesktopItem($this->object->getId()));
00358                 $exp->setExpand($_GET["role_desk_item_link_expand"] ? $_GET["role_desk_item_link_expand"] : $tree->readRootId());
00359                 $exp->setExpandTarget($this->ctrl->getLinkTarget($this,'selectDesktopItem'));
00360                 
00361                 $exp->setOutput(0);
00362                 
00363                 $output = $exp->getOutput();
00364                 $this->tpl->setVariable("EXPLORER",$output);
00365                 //$this->tpl->setVariable("EXPLORER", $exp->getOutput());
00366 
00367                 return true;
00368         }
00369 
00370         function assignDesktopItemObject()
00371         {
00372                 global $rbacsystem;
00373 
00374                 if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00375                 {
00376                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00377                         return false;
00378                 }
00379         
00380                 #if (!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
00381                 if(!$this->checkAccess('edit_permission'))
00382                 {
00383                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00384                         return false;
00385                 }
00386 
00387                 if (!isset($_GET['item_id']))
00388                 {
00389                         ilUtil::sendInfo($this->lng->txt('role_no_item_selected'));
00390                         $this->selectDesktopItemObject();
00391 
00392                         return false;
00393                 }
00394 
00395                 include_once './classes/class.ilRoleDesktopItem.php';
00396 
00397                 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
00398                 $role_desk_item_obj->add((int) $_GET['item_id'],ilObject::_lookupType((int) $_GET['item_id'],true));
00399 
00400                 ilUtil::sendInfo($this->lng->txt('role_assigned_desktop_item'));
00401 
00402                 $this->ctrl->redirect($this,'listDesktopItems');
00403                 return true;
00404         }
00405 
00406 
00410         function createObject()
00411         {
00412                 global $rbacsystem;
00413                 
00414                 if (!$rbacsystem->checkAccess('create_role', $this->rolf_ref_id))
00415                 {
00416                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00417                 }
00418 
00419                 $this->getTemplateFile("edit","role");
00420 
00421                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00422                 {
00423                         $this->tpl->setCurrentBlock("allow_register");
00424                         $allow_register = ($_SESSION["error_post_vars"]["Fobject"]["allow_register"]) ? "checked=\"checked\"" : "";
00425                         $this->tpl->setVariable("TXT_ALLOW_REGISTER",$this->lng->txt("allow_register"));
00426                         $this->tpl->setVariable("ALLOW_REGISTER",$allow_register);
00427                         $this->tpl->parseCurrentBlock();
00428 
00429                         $this->tpl->setCurrentBlock("assign_users");
00430                         $assign_users = $_SESSION["error_post_vars"]["Fobject"]["assign_users"] ? "checked=\"checked\"" : "";
00431                         $this->tpl->setVariable("TXT_ASSIGN_USERS",$this->lng->txt("allow_assign_users"));
00432                         $this->tpl->setVariable("ASSIGN_USERS",$assign_users);
00433                         $this->tpl->parseCurrentBlock();
00434                         
00435                         $this->tpl->setCurrentBlock("protect_permissions");
00436                         $protect_permissions = $_SESSION["error_post_vars"]["Fobject"]["protect_permissions"] ? "checked=\"checked\"" : "";
00437                         $this->tpl->setVariable("TXT_PROTECT_PERMISSIONS",$this->lng->txt("role_protect_permissions"));
00438                         $this->tpl->setVariable("PROTECT_PERMISSIONS",$protect_permissions);
00439                         $this->tpl->parseCurrentBlock();
00440                 }
00441 
00442                 // fill in saved values in case of error
00443                 $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($_SESSION["error_post_vars"]["Fobject"]["title"]),true);
00444                 $this->tpl->setVariable("DESC",ilUtil::stripSlashes($_SESSION["error_post_vars"]["Fobject"]["desc"]));
00445 
00446                 $this->tpl->setVariable("TXT_TITLE",$this->lng->txt("title"));
00447                 $this->tpl->setVariable("TXT_DESC",$this->lng->txt("desc"));
00448                 $this->ctrl->setParameter($this, "new_type", $this->type);
00449                 $this->tpl->setVariable("FORMACTION",
00450                         $this->ctrl->getFormAction($this));
00451                 $this->tpl->setVariable("TXT_HEADER", $this->lng->txt($this->type."_new"));
00452                 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
00453                 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt($this->type."_add"));
00454                 $this->tpl->setVariable("CMD_SUBMIT", "save");
00455                 $this->tpl->setVariable("TARGET", $this->getTargetFrame("save"));
00456                 $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
00457         }
00458 
00464         function saveObject()
00465         {
00466                 global $rbacsystem, $rbacadmin, $rbacreview;
00467 
00468                 // check for create role permission
00469                 if (!$rbacsystem->checkAccess("create_role",$this->rolf_ref_id))
00470                 {
00471                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_create_role"),$this->ilias->error_obj->MESSAGE);
00472                 }
00473 
00474                 // check required fields
00475                 if (empty($_POST["Fobject"]["title"]))
00476                 {
00477                         $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"),$this->ilias->error_obj->MESSAGE);
00478                 }
00479 
00480                 // check if role title has il_ prefix
00481                 if (substr($_POST["Fobject"]["title"],0,3) == "il_")
00482                 {
00483                         $this->ilias->raiseError($this->lng->txt("msg_role_reserved_prefix"),$this->ilias->error_obj->MESSAGE);
00484                 }
00485 
00486                 // save
00487                 include_once("class.ilObjRole.php");
00488                 $roleObj = new ilObjRole();
00489                 $roleObj->setTitle(ilUtil::stripSlashes($_POST["Fobject"]["title"]));
00490                 $roleObj->setDescription(ilUtil::stripSlashes($_POST["Fobject"]["desc"]));
00491                 $roleObj->setAllowRegister($_POST["Fobject"]["allow_register"]);
00492                 $roleObj->toggleAssignUsersStatus($_POST["Fobject"]["assign_users"]);
00493                 $roleObj->create();
00494                 $rbacadmin->assignRoleToFolder($roleObj->getId(), $this->rolf_ref_id,'y');
00495                 $rbacadmin->setProtected($this->rolf_ref_id,$roleObj->getId(),ilUtil::tf2yn($_POST["Fobject"]["protect_permissions"])); 
00496                 ilUtil::sendInfo($this->lng->txt("role_added"),true);
00497 
00498                 $this->ctrl->returnToParent($this);
00499         }
00500 
00506         function permObject()
00507         {
00508                 global $rbacadmin, $rbacreview, $rbacsystem, $objDefinition, $tree;
00509 
00510                 // for role administration check visible,write of global role folder
00511                 /*
00512                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00513                 {
00514                         $access = $rbacsystem->checkAccess('visible,write',$this->rolf_ref_id);
00515                 }
00516                 else    // for local roles check 'edit permission' of parent object of the local role folder
00517                 {
00518                         $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
00519                 }
00520                 */              
00521                 $access = $this->checkAccess('visible,write','edit_permission');
00522                         
00523                 if (!$access)
00524                 {
00525                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
00526                 }
00527                 
00528                 $perm_def = $this->object->__getPermissionDefinitions();
00529 
00530                 $rbac_objects =& $perm_def[0];
00531                 $rbac_operations =& $perm_def[1];
00532 
00533                 foreach ($rbac_objects as $key => $obj_data)
00534                 {
00535                         $rbac_objects[$key]["name"] = $this->lng->txt("obj_".$obj_data["type"]);
00536                         $rbac_objects[$key]["ops"] = $rbac_operations[$key];
00537                 }
00538                 
00539                 // for local roles display only the permissions settings for allowed subobjects
00540                 if ($this->rolf_ref_id != ROLE_FOLDER_ID)
00541                 {
00542                         // first get object in question (parent of role folder object)
00543                         $parent_data = $this->tree->getParentNodeData($this->rolf_ref_id);
00544                         // get allowed subobjects of object recursively
00545                         $subobj_data = $this->objDefinition->getSubObjectsRecursively($parent_data["type"]);
00546 
00547                         // remove not allowed object types from array but keep the type definition of object itself
00548                         foreach ($rbac_objects as $key => $obj_data)
00549                         {
00550                                 if ($obj_data["type"] == "rolf")
00551                                 {
00552                                         unset($rbac_objects[$key]);
00553                                         continue;
00554                                 }
00555                                 
00556                                 if (!$subobj_data[$obj_data["type"]] and $parent_data["type"] != $obj_data["type"])
00557                                 {
00558                                         unset($rbac_objects[$key]);
00559                                 }
00560                         }
00561                 } // end if local roles
00562                 
00563                 // now sort computed result
00564                 //sort($rbac_objects);
00565                         
00566                 /*foreach ($rbac_objects as $key => $obj_data)
00567                 {
00568                         sort($rbac_objects[$key]["ops"]);
00569                 }*/
00570                 
00571                 // sort by (translated) name of object type
00572                 $rbac_objects = ilUtil::sortArray($rbac_objects,"name","asc");
00573 
00574                 // BEGIN CHECK_PERM
00575                 foreach ($rbac_objects as $key => $obj_data)
00576                 {
00577                         $arr_selected = $rbacreview->getOperationsOfRole($this->object->getId(), $obj_data["type"], $this->rolf_ref_id);
00578                         $arr_checked = array_intersect($arr_selected,array_keys($rbac_operations[$obj_data["obj_id"]]));
00579 
00580                         foreach ($rbac_operations[$obj_data["obj_id"]] as $operation)
00581                         {
00582                                 // check all boxes for system role
00583                                 if ($this->object->getId() == SYSTEM_ROLE_ID)
00584                                 {
00585                                         $checked = true;
00586                                         $disabled = true;
00587                                 }
00588                                 else
00589                                 {
00590                                         $checked = in_array($operation["ops_id"],$arr_checked);
00591                                         $disabled = false;
00592                                 }
00593 
00594                                 // Es wird eine 2-dim Post Variable �bergeben: perm[rol_id][ops_id]
00595                                 $box = ilUtil::formCheckBox($checked,"template_perm[".$obj_data["type"]."][]",$operation["ops_id"],$disabled);
00596                                 $output["perm"][$obj_data["obj_id"]][$operation["ops_id"]] = $box;
00597                         }
00598                 }
00599                 // END CHECK_PERM
00600 
00601                 $output["col_anz"] = count($rbac_objects);
00602                 $output["txt_save"] = $this->lng->txt("save");
00603                 $output["check_recursive"] = ilUtil::formCheckBox(0,"recursive",1);
00604                 $output["text_recursive"] = $this->lng->txt("change_existing_objects");
00605                 $output["text_recursive_desc"] = $this->lng->txt("change_existing_objects_desc");
00606                 
00607                 $protected_disabled = true;
00608                 
00609                 if ($this->rolf_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id))
00610                 {
00611                         $protected_disabled = false;
00612                 }
00613                 
00614                 $output["check_protected"] = ilUtil::formCheckBox($rbacreview->isProtected($this->rolf_ref_id,$this->object->getId()),
00615                                                                                                                         "protected",
00616                                                                                                                         1,
00617                                                                                                                         $protected_disabled);
00618                 
00619                 $output["text_protected"] = $this->lng->txt("role_protect_permissions");
00620                 $output["text_protected_desc"] = $this->lng->txt("role_protect_permissions_desc");
00621 
00622 
00623 /************************************/
00624 /*              adopt permissions form          */
00625 /************************************/
00626 
00627                 $output["message_middle"] = $this->lng->txt("adopt_perm_from_template");
00628 
00629                 // send message for system role
00630                 if ($this->object->getId() == SYSTEM_ROLE_ID)
00631                 {
00632                         $output["adopt"] = array();
00633                         $output["sysrole_msg"] = $this->lng->txt("msg_sysrole_not_editable");
00634                 }
00635                 else
00636                 {
00637                         // BEGIN ADOPT_PERMISSIONS
00638                         $parent_role_ids = $rbacreview->getParentRoleIds($this->rolf_ref_id,true);
00639                         $ids = array();
00640                         foreach($parent_role_ids as $id => $tmp)
00641                         {
00642                                 $ids[] = $id;
00643                         }
00644 
00645                         // Sort ids
00646                         $sorted_ids = ilUtil::_sortIds($ids,'object_data','type,title','obj_id');
00647 
00648                         // Sort roles by title
00649                         $sorted_roles = ilUtil::sortArray(array_values($parent_role_ids), 'title', ASC);
00650                         $key = 0;
00651                         
00652                         foreach($sorted_ids as $id)
00653                         {
00654                                 $par = $parent_role_ids[$id];
00655                         #foreach ($sorted_roles as $par)
00656                         #{
00657                                 if ($par["obj_id"] != SYSTEM_ROLE_ID)
00658                                 {
00659                                         $radio = ilUtil::formRadioButton(0,"adopt",$par["obj_id"]);
00660                                         $output["adopt"][$key]["css_row_adopt"] = ($key % 2 == 0) ? "tblrow1" : "tblrow2";
00661                                         $output["adopt"][$key]["check_adopt"] = $radio;
00662                                         $output["adopt"][$key]["role_id"] = $par["obj_id"];
00663                                         $output["adopt"][$key]["type"] = ($par["type"] == 'role' ? 'Role' : 'Template');
00664                                         $output["adopt"][$key]["role_name"] = $par["title"];
00665                                         $output["adopt"][$key]["role_desc"] = $par["desc"];
00666                                 }
00667                                 $key++;
00668                         }
00669 
00670                         $output["formaction_adopt"] = $this->ctrl->getFormAction($this);
00671                         // END ADOPT_PERMISSIONS
00672                 }
00673 
00674                 $output["formaction"] = $this->ctrl->getFormAction($this);
00675 
00676                 $this->data = $output;
00677 
00678 
00679 /************************************/
00680 /*                      generate output                 */
00681 /************************************/
00682 
00683                 $this->tpl->addBlockfile('ADM_CONTENT','adm_content','tpl.adm_perm_role.html');
00684 
00685                 foreach ($rbac_objects as $obj_data)
00686                 {
00687                         // BEGIN object_operations
00688                         $this->tpl->setCurrentBlock("object_operations");
00689 
00690                         $ops_ids = "";
00691 
00692                         foreach ($obj_data["ops"] as $operation)
00693                         {
00694                                 $ops_ids[] = $operation["ops_id"];
00695                                 
00696                                 //$css_row = ilUtil::switchColor($j++, "tblrow1", "tblrow2");
00697                                 $css_row = "tblrow1";
00698                                 $this->tpl->setVariable("CSS_ROW",$css_row);
00699                                 $this->tpl->setVariable("PERMISSION",$operation["name"]);
00700                                 if (substr($operation["title"], 0, 7) == "create_")
00701                                 {
00702                                         if ($this->objDefinition->getDevMode(substr($operation["title"], 7, strlen($operation["title"]) -7)))
00703                                         {
00704                                                 $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_implemented_yet").")");
00705                                         }
00706                                 }
00707                                 $this->tpl->setVariable("CHECK_PERMISSION",$this->data["perm"][$obj_data["obj_id"]][$operation["ops_id"]]);
00708                                 $this->tpl->setVariable("LABEL_ID","template_perm_".$obj_data["type"]."_".$operation["ops_id"]);
00709                                 $this->tpl->parseCurrentBlock();
00710                         } // END object_operations
00711 
00712                         // BEGIN object_type
00713                         $this->tpl->setCurrentBlock("object_type");
00714                         $this->tpl->setVariable("TXT_OBJ_TYPE",$obj_data["name"]);
00715 
00716 // TODO: move this if in a function and query all objects that may be disabled or inactive
00717                         if ($this->objDefinition->getDevMode($obj_data["type"]))
00718                         {
00719                                 $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_implemented_yet").")");
00720                         }
00721                         else if ($obj_data["type"] == "icrs" and !$this->ilias->getSetting("ilinc_active"))
00722                         {
00723                                 $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_enabled_or_configured").")");
00724                         }
00725 
00726                         // option: change permissions of exisiting objects of that type
00727                         $this->tpl->setVariable("OBJ_TYPE",$obj_data["type"]);
00728                         $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE_DESC",$this->lng->txt("change_existing_object_type_desc"));
00729 
00730                         // use different Text for system objects                
00731                         if ($objDefinition->isSystemObject($obj_data["type"]))
00732                         {
00733                                 $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE",$this->lng->txt("change_existing_prefix_single")." ".$this->lng->txt("obj_".$obj_data["type"])." ".$this->lng->txt("change_existing_suffix_single"));
00734 
00735                         }
00736                         else
00737                         {
00738                                 $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE",$this->lng->txt("change_existing_prefix")." ".$this->lng->txt("objs_".$obj_data["type"])." ".$this->lng->txt("change_existing_suffix"));
00739                         }
00740 
00741                         // js checkbox toggles
00742                         $this->tpl->setVariable("JS_VARNAME","template_perm_".$obj_data["type"]);
00743                         $this->tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($ops_ids));
00744                         $this->tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
00745                         $this->tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));                      
00746                         
00747                         $this->tpl->parseCurrentBlock();
00748                         // END object_type
00749                 }
00750 
00751                 // don't display adopt permissions form for system role
00752                 if ($this->object->getId() != SYSTEM_ROLE_ID)
00753                 {
00754                         // BEGIN ADOPT PERMISSIONS
00755                         foreach ($this->data["adopt"] as $key => $value)
00756                         {
00757                                 $this->tpl->setCurrentBlock("ADOPT_PERM_ROW");
00758                                 $this->tpl->setVariable("CSS_ROW_ADOPT",$value["css_row_adopt"]);
00759                                 $this->tpl->setVariable("CHECK_ADOPT",$value["check_adopt"]);
00760                                 $this->tpl->setVariable("LABEL_ID",$value["role_id"]);
00761                                 $this->tpl->setVariable("TYPE",$value["type"]);
00762                                 $this->tpl->setVariable("ROLE_NAME",$value["role_name"]);
00763                                 if(strlen($value['role_desc']))
00764                                 {
00765                                         $this->tpl->setVariable('ROLE_DESC',$value['role_desc']);
00766                                 }
00767 
00768                                 $this->tpl->parseCurrentBlock();
00769                         }
00770                         
00771                         $this->tpl->setCurrentBlock("ADOPT_PERM_FORM");
00772                         $this->tpl->setVariable("MESSAGE_MIDDLE",$this->data["message_middle"]);
00773                         $this->tpl->setVariable("FORMACTION_ADOPT",$this->data["formaction_adopt"]);
00774                         $this->tpl->setVariable("ADOPT",$this->lng->txt('copy'));
00775                         $this->tpl->parseCurrentBlock();
00776                         // END ADOPT PERMISSIONS
00777                         
00778                         $this->tpl->setCurrentBlock("tblfooter_special_options");
00779                         $this->tpl->setVariable("TXT_PERM_SPECIAL_OPTIONS",$this->lng->txt("perm_special_options"));
00780                         $this->tpl->parseCurrentBlock();
00781                 
00782                         $this->tpl->setCurrentBlock("tblfooter_recursive");
00783                         $this->tpl->setVariable("COL_ANZ",3);
00784                         $this->tpl->setVariable("CHECK_RECURSIVE",$this->data["check_recursive"]);
00785                         $this->tpl->setVariable("TXT_RECURSIVE",$this->data["text_recursive"]);
00786                         $this->tpl->setVariable("TXT_RECURSIVE_DESC",$this->data["text_recursive_desc"]);
00787                         $this->tpl->parseCurrentBlock();
00788                         
00789                         $this->tpl->setCurrentBlock("tblfooter_protected");
00790                         $this->tpl->setVariable("COL_ANZ",3);
00791                         $this->tpl->setVariable("CHECK_PROTECTED",$this->data["check_protected"]);
00792                         $this->tpl->setVariable("TXT_PROTECTED",$this->data["text_protected"]);
00793                         $this->tpl->setVariable("TXT_PROTECTED_DESC",$this->data["text_protected_desc"]);
00794                         $this->tpl->parseCurrentBlock();
00795 
00796                         $this->tpl->setCurrentBlock("tblfooter_standard");
00797                         $this->tpl->setVariable("COL_ANZ_PLUS",4);
00798                         $this->tpl->setVariable("TXT_SAVE",$this->data["txt_save"]);
00799                         $this->tpl->parseCurrentBlock();
00800                 }
00801                 else
00802                 {
00803                         // display form buttons not for system role
00804                         $this->tpl->setCurrentBlock("tblfooter_sysrole");
00805                         $this->tpl->setVariable("COL_ANZ_SYS",3);
00806                         $this->tpl->parseCurrentBlock();
00807 
00808                         // display sysrole_msg
00809                         $this->tpl->setCurrentBlock("sysrole_msg");
00810                         $this->tpl->setVariable("TXT_SYSROLE_MSG",$this->data["sysrole_msg"]);
00811                         $this->tpl->parseCurrentBlock();
00812                 }
00813                 
00814                 $this->tpl->setCurrentBlock("adm_content");
00815                 $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath("icon_".$this->object->getType().".gif"));
00816                 $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt($this->object->getType()));
00817                 $this->tpl->setVariable("TBL_HELP_IMG",ilUtil::getImagePath("icon_help.gif"));
00818                 $this->tpl->setVariable("TBL_HELP_LINK","tbl_help.php");
00819                 $this->tpl->setVariable("TBL_HELP_IMG_ALT",$this->lng->txt("help"));
00820                 
00821                 // compute additional information in title
00822                 $global_roles = $rbacreview->getGlobalRoles();
00823                 
00824                 if (in_array($this->object->getId(),$global_roles))
00825                 {
00826                         $desc = "global";
00827                 }
00828                 else
00829                 {
00830                         // description for autogenerated roles
00831                         $rolf = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
00832                         $parent_node = $this->tree->getParentNodeData($rolf[0]);
00833 
00834                         $desc = $this->lng->txt("obj_".$parent_node['type'])." (#".$parent_node['obj_id'].") : ".$parent_node['title'];
00835                 }
00836                 
00837                 $description = "&nbsp;<span class=\"small\">(".$desc.")</span>";
00838 
00839                 // translation for autogenerated roles
00840                 if (substr($this->object->getTitle(),0,3) == "il_")
00841                 {
00842                         $title = ilObjRole::_getTranslation($this->object->getTitle())." (".$this->object->getTitle().")";
00843                 }
00844                 else
00845                 {
00846                         $title = $this->object->getTitle();
00847                 }
00848 
00849                 $this->tpl->setVariable("TBL_TITLE",$title.$description);
00850 
00851                 // info text
00852                 $pid = $tree->getParentId($this->rolf_ref_id);
00853                 $ptitle = ilObject::_lookupTitle(ilObject::_lookupObjId($pid));
00854                 if ($this->rolf_ref_id != ROLE_FOLDER_ID)
00855                 {
00856                         $info = sprintf($this->lng->txt("perm_role_info_1"),
00857                                 $this->object->getTitle(), $ptitle)." ".
00858                                 sprintf($this->lng->txt("perm_role_info_2"),
00859                                 $this->object->getTitle(), $ptitle);
00860                 }
00861                 else
00862                 {
00863                         $info = sprintf($this->lng->txt("perm_role_info_glob_1"),
00864                                 $this->object->getTitle(), $ptitle)." ".
00865                                 sprintf($this->lng->txt("perm_role_info_glob_2"),
00866                                 $this->object->getTitle(), $ptitle);
00867                 }
00868                 $this->tpl->setVariable("TXT_TITLE_INFO", $info);
00869                 
00870                 $this->tpl->setVariable("TXT_PERMISSION",$this->data["txt_permission"]);
00871                 $this->tpl->setVariable("FORMACTION",$this->data["formaction"]);
00872                 $this->tpl->parseCurrentBlock();
00873                 
00874                 //var_dump($this->data["formaction"]);
00875         }
00876 
00882         function permSaveObject()
00883         {
00884                 global $rbacsystem, $rbacadmin, $rbacreview, $objDefinition, $tree;
00885 
00886                 // for role administration check write of global role folder
00887                 /*
00888                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00889                 {
00890                         $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
00891                 }
00892                 else    // for local roles check 'edit permission' of parent object of the local role folder
00893                 {
00894                         $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
00895                 }
00896                 */
00897                 $access = $this->checkAccess('visible,write','edit_permission');
00898                         
00899                 if (!$access)
00900                 {
00901                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
00902                 }
00903 
00904                 // delete all template entries
00905                 $rbacadmin->deleteRolePermission($this->object->getId(), $this->rolf_ref_id);
00906 
00907                 if (empty($_POST["template_perm"]))
00908                 {
00909                         $_POST["template_perm"] = array();
00910                 }
00911 
00912                 foreach ($_POST["template_perm"] as $key => $ops_array)
00913                 {
00914                         // sets new template permissions
00915                         $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->rolf_ref_id);
00916                 }
00917 
00918                 // update object data entry (to update last modification date)
00919                 $this->object->update();
00920                 
00921                 // CHANGE ALL EXISTING OBJECT UNDER PARENT NODE OF ROLE FOLDER
00922                 // BUT DON'T CHANGE PERMISSIONS OF SUBTREE OBJECTS IF INHERITANCE WAS STOPPED
00923                 if ($_POST["recursive"] or is_array($_POST["recursive_list"]))
00924                 {
00925                         // IF ROLE IS A GLOBAL ROLE START AT ROOT
00926                         if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00927                         {
00928                                 $node_id = ROOT_FOLDER_ID;
00929                         }
00930                         else
00931                         {
00932                                 $node_id = $this->tree->getParentId($this->rolf_ref_id);
00933                         }
00934 
00935                         // GET ALL SUBNODES
00936                         $node_data = $this->tree->getNodeData($node_id);
00937                         $subtree_nodes = $this->tree->getSubTree($node_data);
00938 
00939                         // GET ALL OBJECTS THAT CONTAIN A ROLE FOLDER
00940                         $all_parent_obj_of_rolf = $rbacreview->getObjectsWithStopedInheritance($this->object->getId());
00941 
00942                         // DELETE ACTUAL ROLE FOLDER FROM ARRAY
00943                         if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00944                         {
00945                                 $key = array_keys($all_parent_obj_of_rolf,SYSTEM_FOLDER_ID);
00946                         }
00947                         else
00948                         {
00949                                 $key = array_keys($all_parent_obj_of_rolf,$node_id);
00950                         }
00951 
00952                         unset($all_parent_obj_of_rolf[$key[0]]);
00953 
00954                         $check = false;
00955 
00956                         foreach ($subtree_nodes as $node)
00957                         {
00958                                 if (!$check)
00959                                 {
00960                                         if (in_array($node["child"],$all_parent_obj_of_rolf))
00961                                         {
00962                                                 $lft = $node["lft"];
00963                                                 $rgt = $node["rgt"];
00964                                                 $check = true;
00965                                                 continue;
00966                                         }
00967 
00968                                         $valid_nodes[] = $node;
00969                                 }
00970                                 else
00971                                 {
00972                                         if (($node["lft"] > $lft) && ($node["rgt"] < $rgt))
00973                                         {
00974                                                 continue;
00975                                         }
00976                                         else
00977                                         {
00978                                                 $check = false;
00979                                                 
00980                                                 if (in_array($node["child"],$all_parent_obj_of_rolf))
00981                                                 {
00982                                                         $lft = $node["lft"];
00983                                                         $rgt = $node["rgt"];
00984                                                         $check = true;
00985                                                         continue;
00986                                                 }
00987                                                 
00988                                                 $valid_nodes[] = $node;
00989                                         }
00990                                 }
00991                         }
00992 
00993                         // Prepare arrays for permission settings below 
00994                         foreach ($valid_nodes as $key => $node)
00995                         {
00996                                 // To change only selected object types filter selected object types
00997                                 if (is_array($_POST["recursive_list"]) and !in_array($node["type"],$_POST["recursive_list"]))
00998                                 {
00999                                         unset($valid_nodes[$key]);
01000                                         continue;
01001                                 }
01002 
01003                                 $node_ids[] = $node["child"];
01004                                 $valid_nodes[$key]["perms"] = $_POST["template_perm"][$node["type"]];
01005                         }
01006                         
01007                         // prepare arrays for permission settings below
01008                         /*foreach ($valid_nodes as $key => $node)
01009                         {
01010                                 #if(!in_array($node["type"],$to_filter))
01011                                 {
01012                                         $node_ids[] = $node["child"];
01013                                         $valid_nodes[$key]["perms"] = $_POST["template_perm"][$node["type"]];
01014                                 }
01015                         }*/
01016                         
01017                         if (!empty($node_ids))
01018                         {
01019                                 // FIRST REVOKE PERMISSIONS FROM ALL VALID OBJECTS
01020                                 $rbacadmin->revokePermissionList($node_ids,$this->object->getId());
01021         
01022                                 // NOW SET ALL PERMISSIONS
01023                                 foreach ($valid_nodes as $node)
01024                                 {
01025                                         if (is_array($node["perms"]))
01026                                         {
01027                                                 $rbacadmin->grantPermission($this->object->getId(),$node["perms"],$node["child"]);
01028                                         }
01029                                 }
01030                         }
01031                 }// END IF RECURSIVE
01032                 
01033                 // set protected flag
01034                 if ($this->rolf_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id))
01035                 {
01036                         $rbacadmin->setProtected($this->rolf_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST['protected']));
01037                 }
01038 
01039                 ilUtil::sendInfo($this->lng->txt("saved_successfully"),true); 
01040                 $this->ctrl->redirect($this, "perm");
01041         }
01042 
01043 
01049         function adoptPermSaveObject()
01050         {
01051                 global $rbacadmin, $rbacsystem, $rbacreview, $tree;
01052 
01053                 if(!$_POST['adopt'])
01054                 {
01055                         ilUtil::sendInfo($this->lng->txt('select_one'));
01056                         $this->permObject();
01057                         return false;
01058                 }
01059                 
01060                 // for role administration check write of global role folder
01061                 /*
01062                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
01063                 {
01064                         $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
01065                 }
01066                 else    // for local roles check 'edit permission' of parent object of the local role folder
01067                 {
01068                         $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
01069                 }
01070                 */      
01071         
01072                 $access = $this->checkAccess('visible,write','edit_permission');
01073                 if (!$access)
01074                 {
01075                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
01076                 }
01077 
01078                 if ($this->object->getId() == $_POST["adopt"])
01079                 {
01080                         ilUtil::sendInfo($this->lng->txt("msg_perm_adopted_from_itself"),true);
01081                 }
01082                 else
01083                 {
01084                         $rbacadmin->deleteRolePermission($this->object->getId(), $this->rolf_ref_id);
01085                         $parentRoles = $rbacreview->getParentRoleIds($this->rolf_ref_id,true);
01086                         $rbacadmin->copyRoleTemplatePermissions($_POST["adopt"],$parentRoles[$_POST["adopt"]]["parent"],
01087                                                                                    $this->rolf_ref_id,$this->object->getId(),false);            
01088 
01089                         // update object data entry (to update last modification date)
01090                         $this->object->update();
01091 
01092                         // send info
01093                         $obj_data =& $this->ilias->obj_factory->getInstanceByObjId($_POST["adopt"]);
01094                         ilUtil::sendInfo($this->lng->txt("msg_perm_adopted_from1")." '".$obj_data->getTitle()."'.<br/>".
01095                                          $this->lng->txt("msg_perm_adopted_from2"),true);
01096                 }
01097 
01098                 $this->ctrl->redirect($this, "perm");
01099         }
01100 
01106         function assignSaveObject()
01107         {
01108         $this->assignUserObject();
01109     }
01110 
01116         function assignUserObject()
01117         {
01118         global $rbacsystem, $rbacadmin, $rbacreview;
01119 
01120                 #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01121                 if(!$this->checkAccess('edit_userassignment','edit_permission'))
01122                 {
01123                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01124                 }
01125 
01126                 if (!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
01127                         $this->rolf_ref_id != ROLE_FOLDER_ID)
01128                 {
01129                         $this->ilias->raiseError($this->lng->txt("err_role_not_assignable"),$this->ilias->error_obj->MESSAGE);
01130                 }
01131 
01132                 if (!isset($_POST["user"]))
01133                 {
01134                         ilUtil::sendInfo($this->lng->txt("no_checkbox"));
01135                         $this->searchObject();
01136 
01137                         return false;
01138                 }
01139                 
01140                 $selected_users = $_POST["user"];
01141                 $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
01142                                 
01143                 // users to assign
01144                 $assigned_users_new = array_diff($selected_users,array_intersect($selected_users,$assigned_users_all));
01145                 
01146                 // selected users all already assigned. stop
01147         if (count($assigned_users_new) == 0)
01148                 {
01149                         ilUtil::sendInfo($this->lng->txt("msg_selected_users_already_assigned"));
01150                         $this->searchObject();
01151                         
01152                         return false;
01153                 }
01154 
01155                 // assign new users
01156         foreach ($assigned_users_new as $user)
01157                 {
01158                         $rbacadmin->assignUser($this->object->getId(),$user,false);
01159         }
01160         
01161         // update object data entry (to update last modification date)
01162                 $this->object->update();
01163 
01164                 ilUtil::sendInfo($this->lng->txt("msg_userassignment_changed"),true);
01165                 
01166                 $this->ctrl->redirect($this,'userassignment');
01167         }
01168         
01174         function deassignUserObject()
01175         {
01176         global $rbacsystem, $rbacadmin, $rbacreview;
01177 
01178                 #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01179                 if(!$this->checkAccess('edit_userassignment','edit_permission'))
01180                 {
01181                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01182                 }
01183 
01184                 /*
01185                 if (!$rbacsystem->checkAccess('write',$this->rolf_ref_id))
01186                 {
01187                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
01188                 }
01189                 */
01190         $selected_users = ($_POST["user_id"]) ? $_POST["user_id"] : array($_GET["user_id"]);
01191 
01192                 if ($selected_users[0]=== NULL)
01193                 {
01194                         $this->ilias->raiseError($this->lng->txt("no_checkbox"),$this->ilias->error_obj->MESSAGE);
01195                 }
01196 
01197                 // prevent unassignment of system user from system role
01198                 if ($this->object->getId() == SYSTEM_ROLE_ID)
01199                 {
01200             if ($admin = array_search(SYSTEM_USER_ID,$selected_users) !== false)
01201                             unset($selected_users[$admin]);
01202                 }
01203 
01204                 // check for each user if the current role is his last global role before deassigning him
01205                 $last_role = array();
01206                 $global_roles = $rbacreview->getGlobalRoles();
01207                 
01208                 foreach ($selected_users as $user)
01209                 {
01210                         $assigned_roles = $rbacreview->assignedRoles($user);
01211                         $assigned_global_roles = array_intersect($assigned_roles,$global_roles);
01212 
01213                         if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(),$assigned_global_roles)))
01214                         {
01215                                 $userObj = $this->ilias->obj_factory->getInstanceByObjId($user);
01216                                 $last_role[$user] = $userObj->getFullName();
01217                                 unset($userObj);
01218                         }
01219                 }
01220 
01221                 // raise error if last role was taken from a user...
01222                 if (count($last_role) > 0)
01223                 {
01224                         $user_list = implode(", ",$last_role);
01225                         $this->ilias->raiseError($this->lng->txt("msg_is_last_role").": ".$user_list."<br/>".$this->lng->txt("msg_min_one_role")."<br/>".$this->lng->txt("action_aborted"),$this->ilias->error_obj->MESSAGE);
01226                 }
01227                 
01228                 // ... else perform deassignment
01229                 foreach ($selected_users as $user)
01230         {
01231                         $rbacadmin->deassignUser($this->object->getId(),$user);
01232                 }
01233 
01234         // update object data entry (to update last modification date)
01235                 $this->object->update();
01236 
01237                 ilUtil::sendInfo($this->lng->txt("msg_userassignment_changed"),true);
01238 
01239                 $this->ctrl->redirect($this,'userassignment');
01240         }
01241         
01247         function updateObject()
01248         {
01249                 global $rbacsystem, $rbacreview, $rbacadmin, $tree;
01250 
01251                 // for role administration check write of global role folder
01252                 /*
01253                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
01254                 {
01255                         $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
01256                 }
01257                 else    // for local roles check 'edit permission' of parent object of the local role folder
01258                 {
01259                         $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
01260                 }
01261                 */
01262                 $access = $this->checkAccess('write','edit_permission');        
01263                 if (!$access)
01264                 {
01265                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_modify_role"),$this->ilias->error_obj->MESSAGE);
01266                 }
01267 
01268                 if (substr($this->object->getTitle(),0,3) != "il_")
01269                 {
01270                         // check required fields
01271                         if (empty($_POST["Fobject"]["title"]))
01272                         {
01273                                 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"),$this->ilias->error_obj->MESSAGE);
01274                         }
01275         
01276                         // check if role title has il_ prefix
01277                         if (substr($_POST["Fobject"]["title"],0,3) == "il_")
01278                         {
01279                                 $this->ilias->raiseError($this->lng->txt("msg_role_reserved_prefix"),$this->ilias->error_obj->MESSAGE);
01280                         }
01281         
01282                         // update
01283                         $this->object->setTitle(ilUtil::stripSlashes($_POST["Fobject"]["title"]));
01284                         $this->object->setDescription(ilUtil::stripSlashes($_POST["Fobject"]["desc"]));
01285                 }
01286 
01287 
01288                 
01289                 // ensure that at least one role is available in the new user register form if registration is enabled
01290                 if ($_POST["Fobject"]["allow_register"] == "")
01291                 {
01292                         $roles_allowed = $this->object->_lookupRegisterAllowed();
01293 
01294                         if (count($roles_allowed) == 1 and $roles_allowed[0]['id'] == $this->object->getId())
01295                         {
01296                                 $this->ilias->raiseError($this->lng->txt("msg_last_role_for_registration"),$this->ilias->error_obj->MESSAGE);
01297                         }       
01298                 }
01299 
01300                 $this->object->setAllowRegister($_POST["Fobject"]["allow_register"]);
01301                 $this->object->toggleAssignUsersStatus($_POST["Fobject"]["assign_users"]);
01302                 $rbacadmin->setProtected($this->rolf_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST["Fobject"]["protect_permissions"]));    
01303                 $this->object->update();
01304                 
01305                 ilUtil::sendInfo($this->lng->txt("saved_successfully"),true);
01306 
01307                 $this->ctrl->redirect($this,'edit');
01308         }
01309         
01315         function editObject()
01316         {
01317                 global $rbacsystem, $rbacreview;
01318 
01319                 #if (!$rbacsystem->checkAccess("write", $this->rolf_ref_id))
01320                 if(!$this->checkAccess('write','edit_permission'))
01321                 {
01322                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_write"),$this->ilias->error_obj->MESSAGE);
01323                 }
01324 
01325                 $this->getTemplateFile("edit");
01326 
01327                 if ($_SESSION["error_post_vars"])
01328                 {
01329                         // fill in saved values in case of error
01330                         if (substr($this->object->getTitle(false),0,3) != "il_")
01331                         {
01332                                 $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($_SESSION["error_post_vars"]["Fobject"]["title"]),true);
01333                                 $this->tpl->setVariable("DESC",ilUtil::stripSlashes($_SESSION["error_post_vars"]["Fobject"]["desc"]));
01334                         }
01335                 
01336                         $allow_register = ($_SESSION["error_post_vars"]["Fobject"]["allow_register"]) ? "checked=\"checked\"" : "";
01337                         $assign_users = ($_SESSION["error_post_vars"]["Fobject"]["assign_users"]) ? "checked=\"checked\"" : "";
01338                         $protect_permissions = ($_SESSION["error_post_vars"]["Fobject"]["protect_permissions"]) ? "checked=\"checked\"" : "";
01339                 }
01340                 else
01341                 {
01342                         if (substr($this->object->getTitle(),0,3) != "il_")
01343                         {
01344                                 $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($this->object->getTitle()));
01345                                 $this->tpl->setVariable("DESC",ilUtil::stripSlashes($this->object->getDescription()));
01346                         }
01347 
01348                         $allow_register = ($this->object->getAllowRegister()) ? "checked=\"checked\"" : "";
01349                         $assign_users = $this->object->getAssignUsersStatus() ? "checked=\"checked\"" : "";
01350                         $protect_permissions = $rbacreview->isProtected($this->rolf_ref_id,$this->object->getId()) ? "checked=\"checked\"" : "";
01351 
01352                 }
01353 
01354                 $obj_str = "&obj_id=".$this->obj_id;
01355 
01356                 $this->tpl->setVariable("TXT_TITLE",$this->lng->txt("title"));
01357                 $this->tpl->setVariable("TXT_DESC",$this->lng->txt("desc"));
01358                 
01359                 // exclude allow register option for anonymous role, system role and all local roles
01360                 $global_roles = $rbacreview->getGlobalRoles();
01361 
01362                 $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01363                 $this->tpl->setVariable("TXT_HEADER", $this->lng->txt($this->object->getType()."_edit"));
01364                 $this->tpl->setVariable("TARGET", $this->getTargetFrame("update"));
01365                 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
01366                 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
01367                 $this->tpl->setVariable("CMD_SUBMIT", "update");
01368                 $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
01369                 
01370                 if (substr($this->object->getTitle(),0,3) == "il_")
01371                 {
01372                         $this->tpl->setVariable("SHOW_TITLE",ilObjRole::_getTranslation($this->object->getTitle())." (".$this->object->getTitle().")");
01373                         
01374                         $rolf = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
01375                         $parent_node = $this->tree->getParentNodeData($rolf[0]);
01376 
01377                         $this->tpl->setVariable("SHOW_DESC",$this->lng->txt("obj_".$parent_node['type'])." (".$parent_node['obj_id'].") <br/>".$parent_node['title']);
01378 
01379                         $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
01380                         $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("back"));
01381                         $this->tpl->setVariable("CMD_SUBMIT", "cancel");
01382                 }
01383 
01384                 if ($this->object->getId() != ANONYMOUS_ROLE_ID and 
01385                         $this->object->getId() != SYSTEM_ROLE_ID and 
01386                         in_array($this->object->getId(),$global_roles))
01387                 {
01388                         $this->tpl->setCurrentBlock("allow_register");
01389                         $this->tpl->setVariable("TXT_ALLOW_REGISTER",$this->lng->txt("allow_register"));
01390                         $this->tpl->setVariable("ALLOW_REGISTER",$allow_register);
01391                         $this->tpl->parseCurrentBlock();
01392 
01393                         $this->tpl->setCurrentBlock("assign_users");
01394                         $this->tpl->setVariable("TXT_ASSIGN_USERS",$this->lng->txt('allow_assign_users'));
01395                         $this->tpl->setVariable("ASSIGN_USERS",$assign_users);
01396                         $this->tpl->parseCurrentBlock();
01397 
01398                         $this->tpl->setCurrentBlock("protect_permissions");
01399                         $this->tpl->setVariable("TXT_PROTECT_PERMISSIONS",$this->lng->txt('role_protect_permissions'));
01400                         $this->tpl->setVariable("PROTECT_PERMISSIONS",$protect_permissions);
01401                         $this->tpl->parseCurrentBlock();
01402                 }
01403         }
01404         
01408         function userassignmentObject()
01409         {
01410                 global $rbacreview, $rbacsystem;
01411                 
01412                 //if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01413                 if(!$this->checkAccess('edit_userassignment','edit_permission'))
01414                 {
01415                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01416                 }
01417                 $assigned_users = $rbacreview->assignedUsers($this->object->getId(),array("login","firstname","lastname","usr_id"));
01418 
01419                 //if current user is admin he is able to add new members to group
01420                 $val_contact = $this->lng->txt("message");
01421                 $val_change = $this->lng->txt("edit");
01422                 $val_leave = $this->lng->txt("remove");
01423                 $val_contact_desc = $this->lng->txt("role_user_send_mail");
01424                 $val_change_desc = $this->lng->txt("role_user_edit");
01425                 $val_leave_desc = $this->lng->txt("role_user_deassign");
01426                 $counter = 0;
01427 
01428                 foreach ($assigned_users as $user)
01429                 {
01430                         $link_contact = "ilias.php?baseClass=ilMailGUI&type=new&rcp_to=".urlencode($user["login"]);
01431                         
01432                         if ($_GET["admin_mode"] == "settings"
01433                                 && $_GET["ref_id"] != SYSTEM_FOLDER_ID)
01434                         {
01435                                 $link_change = $this->ctrl->getLinkTargetByClass("ilobjusergui", "edit");
01436                                 $this->ctrl->setParameterByClass("ilobjusergui", "ref_id", 7);
01437                                 $this->ctrl->setParameterByClass("ilobjusergui", "obj_id", $user["usr_id"]);
01438                                 $link_change = $this->ctrl->getLinkTargetByClass(array("iladministrationgui", "ilobjusergui"), "view");
01439                                 $this->ctrl->setParameterByClass("ilobjusergui", "ref_id", $_GET["ref_id"]);
01440                         }
01441 
01442                         $this->ctrl->setParameter($this, "user_id", $user["usr_id"]);
01443                         $link_leave = $this->ctrl->getLinkTarget($this,"deassignUser");
01444 
01445             $member_functions = "";
01446 
01447             // exclude root/admin role and anon/anon
01448             if ($this->object->getId() != ANONYMOUS_ROLE_ID or $user["usr_id"] != ANONYMOUS_USER_ID)
01449                         {
01450                 //build function
01451                 $member_functions = "<a class=\"il_ContainerItemCommand\" href=\"".$link_contact."\" title=\"".$val_contact_desc."\">".$val_contact."</a>";
01452 
01453                                 if (strtolower($_GET["baseClass"]) == 'iladministrationgui' && $_GET["admin_mode"] == "settings")
01454                                 {
01455                                         $member_functions .= "&nbsp;<a class=\"il_ContainerItemCommand\" href=\"".$link_change."\" title=\"".$val_change_desc."\">".$val_change."</a>";
01456                                 }
01457 
01458                 if ($this->object->getId() != SYSTEM_ROLE_ID or $user["usr_id"] != SYSTEM_USER_ID)
01459                 {
01460                     $member_functions .= "&nbsp;<a class=\"il_ContainerItemCommand\" href=\"".$link_leave."\" title=\"".$val_leave_desc."\">".$val_leave."</a>";
01461                 }
01462             }
01463 
01464                         // no check box for root/admin role and anon/anon
01465                         if (($this->object->getId() == SYSTEM_ROLE_ID and $user["usr_id"] == SYSTEM_USER_ID)
01466                 or ($this->object->getId() == ANONYMOUS_ROLE_ID and $user["usr_id"] == ANONYMOUS_USER_ID))
01467                         {
01468                 $result_set[$counter][] = "";
01469             }
01470             else
01471             {
01472                 $result_set[$counter][] = ilUtil::formCheckBox(0,"user_id[]",$user["usr_id"]);
01473             }
01474 
01475             $user_ids[$counter] = $user["usr_id"];
01476 
01477             $result_set[$counter][] = $user["login"];
01478                         $result_set[$counter][] = $user["firstname"];
01479                         $result_set[$counter][] = $user["lastname"];
01480                         $result_set[$counter][] = $member_functions;
01481 
01482                         ++$counter;
01483 
01484                         unset($member_functions);
01485                 }
01486 
01487                 return $this->__showAssignedUsersTable($result_set,$user_ids);
01488     }
01489         
01490         function __showAssignedUsersTable($a_result_set,$a_user_ids = NULL)
01491         {
01492         global $rbacsystem;
01493 
01494                 $actions = array("deassignUser"  => $this->lng->txt("remove"));
01495 
01496         $tbl =& $this->__initTableGUI();
01497                 $tpl =& $tbl->getTemplateObject();
01498                 
01499                 $this->__showButton('mailToRole',$this->lng->txt('role_mailto'),'target=\'_blank\'');
01500 
01501                 $tpl->setCurrentBlock("tbl_form_header");
01502                 $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01503                 $tpl->parseCurrentBlock();
01504 
01505                 $tpl->setCurrentBlock("tbl_action_row");
01506 
01507         $tpl->setCurrentBlock("plain_button");
01508                 $tpl->setVariable("PBTN_NAME","searchUserForm");
01509                 $tpl->setVariable("PBTN_VALUE",$this->lng->txt("role_add_user"));
01510                 $tpl->parseCurrentBlock();
01511                 $tpl->setCurrentBlock("plain_buttons");
01512                 $tpl->parseCurrentBlock();
01513 
01514                 $tpl->setVariable("COLUMN_COUNTS",5);
01515                 $tpl->setVariable("IMG_ARROW", ilUtil::getImagePath("arrow_downright.gif"));
01516 
01517                 foreach ($actions as $name => $value)
01518                 {
01519                         $tpl->setCurrentBlock("tbl_action_btn");
01520                         $tpl->setVariable("BTN_NAME",$name);
01521                         $tpl->setVariable("BTN_VALUE",$value);
01522                         $tpl->parseCurrentBlock();
01523                 }
01524                         
01525                 if (!empty($a_user_ids))
01526                 {
01527                         // set checkbox toggles
01528                         $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
01529                         $tpl->setVariable("JS_VARNAME","user_id");                      
01530                         $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_user_ids));
01531                         $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
01532                         $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
01533                         $tpl->parseCurrentBlock();
01534                 }
01535 
01536         $tpl->setVariable("TPLPATH",$this->tpl->tplPath);
01537                 $this->ctrl->setParameter($this,"cmd","userassignment");
01538 
01539                 // title & header columns
01540                 $tbl->setTitle($this->lng->txt("assigned_users"),"icon_usr.gif",$this->lng->txt("users"));
01541 
01542                 //user must be administrator
01543                 $tbl->setHeaderNames(array("",$this->lng->txt("username"),$this->lng->txt("firstname"),
01544                         $this->lng->txt("lastname"),$this->lng->txt("grp_options")));
01545                 $tbl->setHeaderVars(array("","login","firstname","lastname","functions"),
01546                         $this->ctrl->getParameterArray($this,"",false));
01547                 $tbl->setColumnWidth(array("","20%","25%","25%","30%"));
01548                 
01549                 $this->__setTableGUIBasicData($tbl,$a_result_set,"userassignment");
01550                 $tbl->render();
01551                 $this->tpl->setVariable("ADM_CONTENT",$tbl->tpl->get());
01552 
01553                 return true;
01554         }
01555 
01556         function &__initTableGUI()
01557         {
01558                 include_once "./Services/Table/classes/class.ilTableGUI.php";
01559 
01560                 return new ilTableGUI(0,false);
01561         }
01562 
01563         function __setTableGUIBasicData(&$tbl,&$result_set,$from = "")
01564         {
01565         switch($from)
01566                 {
01567                         case "group":
01568                         $order = $_GET["sort_by"] ? $_GET["sort_by"] : "title";
01569                                 break;
01570 
01571                         case "role":
01572                         $order = $_GET["sort_by"] ? $_GET["sort_by"] : "title";
01573                                 break;
01574 
01575                         default:
01576                                 // init sort_by (unfortunatly sort_by is preset with 'title')
01577                         if ($_GET["sort_by"] == "title" or empty($_GET["sort_by"]))
01578                 {
01579                     $_GET["sort_by"] = "login";
01580                 }
01581                 $order = $_GET["sort_by"];
01582                                 break;
01583                 }
01584 
01585                 $tbl->setOrderColumn($order);
01586                 $tbl->setOrderDirection($_GET["sort_order"]);
01587                 $tbl->setOffset($_GET["offset"]);
01588                 $tbl->setLimit($_GET["limit"]);
01589                 $tbl->setFooter("tblfooter",$this->lng->txt("previous"),$this->lng->txt("next"));
01590                 $tbl->setData($result_set);
01591         }
01592 
01593         function searchUserFormObject()
01594         {
01595                 global $rbacsystem;
01596 
01597                 //if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01598                 if(!$this->checkAccess('edit_userassignment','edit_permission'))
01599                 {
01600                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01601                 }
01602 
01603                 $this->lng->loadLanguageModule('search');
01604 
01605                 $this->tpl->addBlockFile("ADM_CONTENT","adm_content","tpl.role_users_search.html");
01606 
01607                 $this->tpl->setVariable("F_ACTION",$this->ctrl->getFormAction($this));
01608                 $this->tpl->setVariable("SEARCH_ASSIGN_USR",$this->lng->txt("role_search_users"));
01609                 $this->tpl->setVariable("SEARCH_SEARCH_TERM",$this->lng->txt("search_search_term"));
01610                 $this->tpl->setVariable("SEARCH_VALUE",$_SESSION["role_search_str"] ? $_SESSION["role_search_str"] : "");
01611                 $this->tpl->setVariable("SEARCH_FOR",$this->lng->txt("exc_search_for"));
01612                 $this->tpl->setVariable("SEARCH_ROW_TXT_USER",$this->lng->txt("exc_users"));
01613                 $this->tpl->setVariable("SEARCH_ROW_TXT_ROLE",$this->lng->txt("exc_roles"));
01614                 $this->tpl->setVariable("SEARCH_ROW_TXT_GROUP",$this->lng->txt("exc_groups"));
01615                 $this->tpl->setVariable("BTN2_VALUE",$this->lng->txt("cancel"));
01616                 $this->tpl->setVariable("BTN1_VALUE",$this->lng->txt("search"));
01617 
01618         $usr = ($_POST["search_for"] == "usr" || $_POST["search_for"] == "") ? 1 : 0;
01619                 $grp = ($_POST["search_for"] == "grp") ? 1 : 0;
01620                 $role = ($_POST["search_for"] == "role") ? 1 : 0;
01621 
01622                 $this->tpl->setVariable("SEARCH_ROW_CHECK_USER",ilUtil::formRadioButton($usr,"search_for","usr"));
01623                 $this->tpl->setVariable("SEARCH_ROW_CHECK_ROLE",ilUtil::formRadioButton($role,"search_for","role"));
01624         $this->tpl->setVariable("SEARCH_ROW_CHECK_GROUP",ilUtil::formRadioButton($grp,"search_for","grp"));
01625 
01626                 $this->__unsetSessionVariables();
01627         }
01628 
01629         function __unsetSessionVariables()
01630         {
01631                 unset($_SESSION["role_delete_member_ids"]);
01632                 unset($_SESSION["role_delete_subscriber_ids"]);
01633                 unset($_SESSION["role_search_str"]);
01634                 unset($_SESSION["role_search_for"]);
01635                 unset($_SESSION["role_role"]);
01636                 unset($_SESSION["role_group"]);
01637                 unset($_SESSION["role_archives"]);
01638         }
01639 
01644         function cancelObject()
01645         {
01646                 ilUtil::sendInfo($this->lng->txt("action_aborted"),true);
01647                 
01648                 if ($_GET["new_type"] != "role")
01649                 {
01650                         $this->ctrl->redirect($this, "userassignment");
01651                 }
01652                 else
01653                 {
01654                         $this->ctrl->redirectByClass("ilobjrolefoldergui","view");
01655                 }
01656         }
01657 
01658         function searchObject()
01659         {
01660                 global $rbacsystem, $tree;
01661 
01662                 #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01663                 if(!$this->checkAccess('edit_userassignment','edit_permission'))
01664                 {
01665                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01666                 }
01667 
01668                 $_SESSION["role_search_str"] = $_POST["search_str"] = $_POST["search_str"] ? $_POST["search_str"] : $_SESSION["role_search_str"];
01669                 $_SESSION["role_search_for"] = $_POST["search_for"] = $_POST["search_for"] ? $_POST["search_for"] : $_SESSION["role_search_for"];
01670 
01671                 if (!isset($_POST["search_for"]) or !isset($_POST["search_str"]))
01672                 {
01673                         ilUtil::sendInfo($this->lng->txt("role_search_enter_search_string"));
01674                         $this->searchUserFormObject();
01675 
01676                         return false;
01677                 }
01678 
01679                 if (!count($result = $this->__search(ilUtil::stripSlashes($_POST["search_str"]),$_POST["search_for"])))
01680                 {
01681                         ilUtil::sendInfo($this->lng->txt("role_no_results_found"));
01682                         $this->searchUserFormObject();
01683 
01684                         return false;
01685                 }
01686 
01687                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
01688                 $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
01689 
01690                 $counter = 0;
01691                 $f_result = array();
01692 
01693                 switch($_POST["search_for"])
01694                 {
01695                 case "usr":
01696                                 foreach($result as $user)
01697                                 {
01698                                         if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user["id"],false))
01699                                         {
01700                                                 continue;
01701                                         }
01702                                         
01703                                         $user_ids[$counter] = $user["id"];
01704                                         
01705                                         $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user["id"]);
01706                                         $f_result[$counter][] = $tmp_obj->getLogin();
01707                                         $f_result[$counter][] = $tmp_obj->getFirstname();
01708                                         $f_result[$counter][] = $tmp_obj->getLastname();
01709 
01710                                         unset($tmp_obj);
01711                                         ++$counter;
01712                                 }
01713                                 $this->__showSearchUserTable($f_result,$user_ids);
01714 
01715                                 return true;
01716 
01717                         case "role":
01718                                 foreach($result as $role)
01719                                 {
01720                     // exclude anonymous role
01721                     if ($role["id"] == ANONYMOUS_ROLE_ID)
01722                     {
01723                         continue;
01724                     }
01725 
01726                     if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($role["id"],false))
01727                                         {
01728                                                 continue;
01729                                         }
01730 
01731                                     // exclude roles with no users assigned to
01732                     if ($tmp_obj->getCountMembers() == 0)
01733                     {
01734                         continue;
01735                     }
01736 
01737                                         $role_ids[$counter] = $role["id"];
01738 
01739                                         $f_result[$counter][] = ilUtil::formCheckbox(0,"role[]",$role["id"]);
01740                                         $f_result[$counter][] = array($tmp_obj->getTitle(),$tmp_obj->getDescription());
01741                                         $f_result[$counter][] = $tmp_obj->getCountMembers();
01742 
01743                                         unset($tmp_obj);
01744                                         ++$counter;
01745                                 }
01746 
01747                                 $this->__showSearchRoleTable($f_result,$role_ids);
01748 
01749                                 return true;
01750 
01751                         case "grp":
01752                                 foreach($result as $group)
01753                                 {
01754                                         if(!$tree->isInTree($group["id"]))
01755                                         {
01756                                                 continue;
01757                                         }
01758 
01759                                         if(!$tmp_obj = ilObjectFactory::getInstanceByRefId($group["id"],false))
01760                                         {
01761                                                 continue;
01762                                         }
01763 
01764                     // exclude myself :-)
01765                     if ($tmp_obj->getId() == $this->object->getId())
01766                     {
01767                         continue;
01768                     }
01769 
01770                                         $grp_ids[$counter] = $group["id"];
01771 
01772                                         $f_result[$counter][] = ilUtil::formCheckbox(0,"group[]",$group["id"]);
01773                                         $f_result[$counter][] = array($tmp_obj->getTitle(),$tmp_obj->getDescription());
01774                                         $f_result[$counter][] = $tmp_obj->getCountMembers();
01775 
01776                                         unset($tmp_obj);
01777                                         ++$counter;
01778                                 }
01779                                 $this->__showSearchGroupTable($f_result,$grp_ids);
01780 
01781                                 return true;
01782                 }
01783         }
01784 
01785         function __search($a_search_string,$a_search_for)
01786         {
01787                 include_once("class.ilSearch.php");
01788 
01789                 $this->lng->loadLanguageModule("content");
01790                 $search =& new ilSearch($_SESSION["AccountId"]);
01791                 $search->setPerformUpdate(false);
01792                 $search->setSearchString(ilUtil::stripSlashes($a_search_string));
01793                 $search->setCombination("and");
01794                 $search->setSearchFor(array(0 => $a_search_for));
01795                 $search->setSearchType('new');
01796 
01797                 if ($search->validate($message))
01798                 {
01799                         $search->performSearch();
01800                 }
01801                 else
01802                 {
01803                         ilUtil::sendInfo($message,true);
01804                         $this->ctrl->redirect($this,"searchUserForm");
01805                 }
01806 
01807                 return $search->getResultByType($a_search_for);
01808         }
01809 
01810         function __showSearchUserTable($a_result_set,$a_user_ids = NULL,$a_cmd = "search")
01811         {
01812         $return_to  = "searchUserForm";
01813 
01814         if ($a_cmd == "listUsersRole" or $a_cmd == "listUsersGroup")
01815         {
01816             $return_to = "search";
01817         }
01818 
01819                 $tbl =& $this->__initTableGUI();
01820                 $tpl =& $tbl->getTemplateObject();
01821 
01822                 // SET FORMACTION
01823                 $tpl->setCurrentBlock("tbl_form_header");
01824                 $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01825                 $tpl->parseCurrentBlock();
01826 
01827                 $tpl->setCurrentBlock("tbl_action_btn");
01828                 $tpl->setVariable("BTN_NAME",$return_to);
01829                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
01830                 $tpl->parseCurrentBlock();
01831 
01832                 $tpl->setCurrentBlock("tbl_action_btn");
01833                 $tpl->setVariable("BTN_NAME","assignUser");
01834                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("add"));
01835                 $tpl->parseCurrentBlock();
01836 
01837                 if (!empty($a_user_ids))
01838                 {               
01839                         // set checkbox toggles
01840                         $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
01841                         $tpl->setVariable("JS_VARNAME","user");                 
01842                         $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_user_ids));
01843                         $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
01844                         $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
01845                         $tpl->parseCurrentBlock();
01846                 }
01847 
01848                 $tpl->setCurrentBlock("tbl_action_row");
01849                 $tpl->setVariable("COLUMN_COUNTS",4);
01850                 $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
01851                 $tpl->parseCurrentBlock();
01852 
01853                 $tbl->setTitle($this->lng->txt("role_header_edit_users"),"icon_usr.gif",$this->lng->txt("role_header_edit_users"));
01854                 $tbl->setHeaderNames(array("",
01855                                                                    $this->lng->txt("username"),
01856                                                                    $this->lng->txt("firstname"),
01857                                                                    $this->lng->txt("lastname")));
01858                 $tbl->setHeaderVars(array("",
01859                                                                   "login",
01860                                                                   "firstname",
01861                                                                   "lastname"),
01862                                                         $this->ctrl->getParameterArray($this,$a_cmd,false));
01863                         //array("ref_id" => $this->rolf_ref_id,
01864                         //  "obj_id" => $this->object->getId(),
01865                         // "cmd" => $a_cmd,
01866                         //"cmdClass" => "ilobjrolegui",
01867                         // "cmdNode" => $_GET["cmdNode"]));
01868 
01869                 $tbl->setColumnWidth(array("","33%","33%","33%"));
01870 
01871                 $this->__setTableGUIBasicData($tbl,$a_result_set);
01872                 $tbl->render();
01873 
01874                 $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
01875 
01876                 return true;
01877         }
01878 
01879         function __showSearchRoleTable($a_result_set,$a_role_ids = NULL)
01880         {
01881                 $tbl =& $this->__initTableGUI();
01882                 $tpl =& $tbl->getTemplateObject();
01883 
01884                 $tpl->setCurrentBlock("tbl_form_header");
01885                 $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01886                 $tpl->parseCurrentBlock();
01887 
01888                 $tpl->setCurrentBlock("tbl_action_btn");
01889                 $tpl->setVariable("BTN_NAME","searchUserForm");
01890                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
01891                 $tpl->parseCurrentBlock();
01892 
01893                 $tpl->setCurrentBlock("tbl_action_btn");
01894                 $tpl->setVariable("BTN_NAME","listUsersRole");
01895                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("role_list_users"));
01896                 $tpl->parseCurrentBlock();
01897                 
01898                 if (!empty($a_role_ids))
01899                 {
01900                         // set checkbox toggles
01901                         $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
01902                         $tpl->setVariable("JS_VARNAME","role");                 
01903                         $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_role_ids));
01904                         $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
01905                         $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
01906                         $tpl->parseCurrentBlock();
01907                 }
01908 
01909                 $tpl->setCurrentBlock("tbl_action_row");
01910                 $tpl->setVariable("COLUMN_COUNTS",4);
01911                 $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
01912                 $tpl->parseCurrentBlock();
01913 
01914                 $tbl->setTitle($this->lng->txt("role_header_edit_users"),"icon_usr.gif",$this->lng->txt("role_header_edit_users"));
01915                 $tbl->setHeaderNames(array("",
01916                                                                    $this->lng->txt("obj_role"),
01917                                                                    $this->lng->txt("role_count_users")));
01918                 $tbl->setHeaderVars(array("",
01919                                                                   "title",
01920                                                                   "nr_members"),
01921                                                         $this->ctrl->getParameterArray($this,"search",false));
01922                         //array("ref_id" => $this->rolf_ref_id,
01923                         //"obj_id" => $this->object->getId(),
01924                         //"cmd" => "search",
01925                         //"cmdClass" => "ilobjrolegui",
01926                         //"cmdNode" => $_GET["cmdNode"]));
01927 
01928                 $tbl->setColumnWidth(array("","80%","19%"));
01929 
01930 
01931                 $this->__setTableGUIBasicData($tbl,$a_result_set,"role");
01932                 $tbl->render();
01933 
01934                 $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
01935 
01936                 return true;
01937         }
01938 
01939         function __showSearchGroupTable($a_result_set,$a_grp_ids = NULL)
01940         {
01941         $tbl =& $this->__initTableGUI();
01942                 $tpl =& $tbl->getTemplateObject();
01943 
01944                 $tpl->setCurrentBlock("tbl_form_header");
01945                 $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01946                 $tpl->parseCurrentBlock();
01947 
01948                 $tpl->setCurrentBlock("tbl_action_btn");
01949                 $tpl->setVariable("BTN_NAME","searchUserForm");
01950                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
01951                 $tpl->parseCurrentBlock();
01952 
01953                 $tpl->setCurrentBlock("tbl_action_btn");
01954                 $tpl->setVariable("BTN_NAME","listUsersGroup");
01955                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("grp_list_users"));
01956                 $tpl->parseCurrentBlock();
01957                 
01958                 if (!empty($a_grp_ids))
01959                 {
01960                         // set checkbox toggles
01961                         $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
01962                         $tpl->setVariable("JS_VARNAME","group");                        
01963                         $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_grp_ids));
01964                         $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
01965                         $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
01966                         $tpl->parseCurrentBlock();
01967                 }
01968 
01969                 $tpl->setCurrentBlock("tbl_action_row");
01970                 $tpl->setVariable("COLUMN_COUNTS",4);
01971                 $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
01972                 $tpl->parseCurrentBlock();
01973 
01974                 $tbl->setTitle($this->lng->txt("grp_header_edit_members"),"icon_usr.gif",$this->lng->txt("grp_header_edit_members"));
01975                 $tbl->setHeaderNames(array("",
01976                                                                    $this->lng->txt("obj_grp"),
01977                                                                    $this->lng->txt("grp_count_members")));
01978                 $tbl->setHeaderVars(array("",
01979                                                                   "title",
01980                                                                   "nr_members"),
01981                                                         array("ref_id" => $this->rolf_ref_id,
01982                                   "obj_id" => $this->object->getId(),
01983                                                                   "cmd" => "search",
01984                                                                   "cmdClass" => "ilobjrolegui",
01985                                                                   "cmdNode" => $_GET["cmdNode"]));
01986 
01987                 $tbl->setColumnWidth(array("","80%","19%"));
01988 
01989 
01990                 $this->__setTableGUIBasicData($tbl,$a_result_set,"group");
01991                 $tbl->render();
01992 
01993                 $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
01994 
01995                 return true;
01996         }
01997 
01998         function listUsersRoleObject()
01999         {
02000                 global $rbacsystem,$rbacreview;
02001 
02002                 $_SESSION["role_role"] = $_POST["role"] = $_POST["role"] ? $_POST["role"] : $_SESSION["role_role"];
02003 
02004                 if (!is_array($_POST["role"]))
02005                 {
02006                         ilUtil::sendInfo($this->lng->txt("role_no_roles_selected"));
02007                         $this->searchObject();
02008 
02009                         return false;
02010                 }
02011 
02012                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
02013                 $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
02014 
02015                 // GET ALL MEMBERS
02016                 $members = array();
02017 
02018                 foreach ($_POST["role"] as $role_id)
02019                 {
02020                         $members = array_merge($rbacreview->assignedUsers($role_id),$members);
02021                 }
02022 
02023                 $members = array_unique($members);
02024 
02025                 // FORMAT USER DATA
02026                 $counter = 0;
02027                 $f_result = array();
02028 
02029                 foreach($members as $user)
02030                 {
02031                         if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
02032                         {
02033                                 continue;
02034                         }
02035                         
02036                         $user_ids[$counter] = $user;
02037                         
02038                         // TODO: exclude anonymous user
02039                         $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
02040                         $f_result[$counter][] = $tmp_obj->getLogin();
02041                         $f_result[$counter][] = $tmp_obj->getFirstname();
02042                         $f_result[$counter][] = $tmp_obj->getLastname();
02043 
02044                         unset($tmp_obj);
02045                         ++$counter;
02046                 }
02047 
02048                 $this->__showSearchUserTable($f_result,$user_ids,"listUsersRole");
02049 
02050                 return true;
02051         }
02052 
02053         function listUsersGroupObject()
02054         {
02055                 global $rbacsystem,$rbacreview,$tree;
02056 
02057                 $_SESSION["role_group"] = $_POST["group"] = $_POST["group"] ? $_POST["group"] : $_SESSION["role_group"];
02058 
02059                 if (!is_array($_POST["group"]))
02060                 {
02061                         ilUtil::sendInfo($this->lng->txt("role_no_groups_selected"));
02062                         $this->searchObject();
02063 
02064                         return false;
02065                 }
02066 
02067                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
02068                 $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
02069 
02070                 // GET ALL MEMBERS
02071                 $members = array();
02072 
02073                 foreach ($_POST["group"] as $group_id)
02074                 {
02075                         if (!$tree->isInTree($group_id))
02076                         {
02077                                 continue;
02078                         }
02079                         if (!$tmp_obj = ilObjectFactory::getInstanceByRefId($group_id))
02080                         {
02081                                 continue;
02082                         }
02083 
02084                         $members = array_merge($tmp_obj->getGroupMemberIds(),$members);
02085 
02086                         unset($tmp_obj);
02087                 }
02088 
02089                 $members = array_unique($members);
02090 
02091                 // FORMAT USER DATA
02092                 $counter = 0;
02093                 $f_result = array();
02094 
02095                 foreach($members as $user)
02096                 {
02097                         if (!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
02098                         {
02099                                 continue;
02100                         }
02101                         
02102                         $user_ids[$counter] = $user;                    
02103 
02104                         $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
02105                         $f_result[$counter][] = $tmp_obj->getLogin();
02106                         $f_result[$counter][] = $tmp_obj->getFirstname();
02107                         $f_result[$counter][] = $tmp_obj->getLastname();
02108 
02109                         unset($tmp_obj);
02110                         ++$counter;
02111                 }
02112 
02113                 $this->__showSearchUserTable($f_result,$user_ids,"listUsersGroup");
02114 
02115                 return true;
02116         }
02117 
02118 
02119         function __formatPath($a_path_arr)
02120         {
02121                 $counter = 0;
02122 
02123                 foreach ($a_path_arr as $data)
02124                 {
02125                         if ($counter++)
02126                         {
02127                                 $path .= " -> ";
02128                         }
02129 
02130                         $path .= $data['title'];
02131                 }
02132 
02133                 if (strlen($path) > 50)
02134                 {
02135                         return '...'.substr($path,-50);
02136                 }
02137 
02138                 return $path;
02139         }
02140 
02141         function __prepareOutput()
02142         {
02143                 // output objects
02144                 //$this->tpl->addBlockFile("CONTENT", "content", "tpl.role.html");
02145                 $this->tpl->addBlockFile("CONTENT", "content", "tpl.adm_content.html");
02146                 $this->tpl->addBlockFile("STATUSLINE", "statusline", "tpl.statusline.html");
02147 
02148                 // output locator
02149                 //$this->__setLocator();
02150 
02151                 // output message
02152                 if ($this->message)
02153                 {
02154                         ilUtil::sendInfo($this->message);
02155                 }
02156 
02157                 // display infopanel if something happened
02158                 ilUtil::infoPanel();
02159 
02160                 // set header
02161                 $this->__setHeader();
02162         }
02163 
02164         function __setHeader()
02165         {
02166                 include_once './classes/class.ilTabsGUI.php';
02167 
02168                 $this->tpl->setTitle($this->lng->txt('role'));
02169                 $this->tpl->setDescription($this->object->getTitle());
02170                 $this->tpl->setTitleIcon(ilUtil::getImagePath("icon_role.gif"));
02171 
02172                 #$tabs_gui =& new ilTabsGUI();
02173                 $this->getTabs($this->tabs_gui);
02174 
02175                 // output tabs
02176                 #$this->tpl->setVariable("TABS", $tabs_gui->getHTML());
02177         }
02178 
02179         function __setLocator()
02180         {
02181                 global $tree, $ilias_locator;
02182                 
02183                 return;
02184                 
02185                 $this->tpl->addBlockFile("LOCATOR", "locator", "tpl.locator.html");
02186 
02187                 $counter = 0;
02188 
02189                 foreach ($tree->getPathFull($this->rolf_ref_id) as $key => $row)
02190                 {
02191                         if ($counter++)
02192                         {
02193                                 $this->tpl->touchBlock('locator_separator_prefix');
02194                         }
02195 
02196                         $this->tpl->setCurrentBlock("locator_item");
02197 
02198                         if ($row["type"] == 'rolf')
02199                         {
02200                                 $this->tpl->setVariable("ITEM",$this->object->getTitle());
02201                                 $this->tpl->setVariable("LINK_ITEM",$this->ctrl->getLinkTarget($this));
02202                         }
02203                         elseif ($row["child"] != $tree->getRootId())
02204                         {
02205                                 $this->tpl->setVariable("ITEM", $row["title"]);
02206                                 $this->tpl->setVariable("LINK_ITEM","repository.php?ref_id=".$row["child"]);
02207                         }
02208                         else
02209                         {
02210                                 $this->tpl->setVariable("ITEM", $this->lng->txt("repository"));
02211                                 $this->tpl->setVariable("LINK_ITEM","repository.php?ref_id=".$row["child"]);
02212                         }
02213 
02214                         $this->tpl->parseCurrentBlock();
02215                 }
02216 
02217                 $this->tpl->setVariable("TXT_LOCATOR",$this->lng->txt("locator"));
02218                 $this->tpl->parseCurrentBlock();
02219         }
02220         
02225         function addAdminLocatorItems()
02226         {
02227                 global $ilLocator;
02228 
02229                 if ($_GET["admin_mode"] == "settings"
02230                         && $_GET["ref_id"] != SYSTEM_FOLDER_ID) // system settings
02231                 {               
02232                         $ilLocator->addItem($this->lng->txt("administration"),
02233                                 $this->ctrl->getLinkTargetByClass("iladministrationgui", "frameset"),
02234                                 ilFrameTargetInfo::_getFrame("MainContent"));
02235 
02236                         $ilLocator->addItem($this->lng->txt("obj_".ilObject::_lookupType(
02237                                 ilObject::_lookupObjId($_GET["ref_id"]))),
02238                                 $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
02239                         
02240                         if ($_GET["obj_id"] > 0)
02241                         {
02242                                 $ilLocator->addItem($this->object->getTitle(),
02243                                         $this->ctrl->getLinkTarget($this, "view"));
02244                         }
02245                 }
02246                 else                                                    // repository administration
02247                 {
02248                         // ?
02249                 }
02250         }
02251         
02252         function showUpperIcon()
02253         {
02254                 global $tree, $tpl, $objDefinition;
02255                 
02256                 if (strtolower($_GET["baseClass"]) == "iladministrationgui")
02257                 {
02258                         if ($_GET["admin_mode"] == "settings"
02259                                 && $_GET["ref_id"] != SYSTEM_FOLDER_ID)
02260                         {
02261                                 $tpl->setUpperIcon(
02262                                         $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
02263                         }
02264                 }
02265                 else
02266                 {               
02267                         if ($this->object->getRefId() != ROOT_FOLDER_ID &&
02268                                 $this->object->getRefId() != SYSTEM_FOLDER_ID)
02269                         {
02270                                 $par_id = $tree->getParentId($this->object->getRefId());
02271                                 $tpl->setUpperIcon("repository.php?ref_id=".$par_id);
02272                         }
02273                 }
02274         }
02275 
02276 
02277 
02278         function getTabs(&$tabs_gui)
02279         {
02280                 global $rbacsystem,$rbacreview;
02281 
02282                 $base_role_folder = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
02283                 
02284 //var_dump($base_role_folder);
02285 //echo "-".$this->rolf_ref_id."-";
02286 
02287                 $activate_role_edit = false;
02288                 
02289                 // todo: activate the following (allow editing of local roles in
02290                 // roles administration)
02291                 //if (in_array($this->rolf_ref_id,$base_role_folder))
02292                 if (in_array($this->rolf_ref_id,$base_role_folder) ||
02293                         (strtolower($_GET["baseClass"]) == "iladministrationgui" &&
02294                         $_GET["admin_mode"] == "settings"))
02295                 {
02296                         $activate_role_edit = true;
02297                 }
02298 
02299                 // not so nice (workaround for using tabs in repository)
02300                 $tabs_gui->clearTargets();
02301 
02302                 if ($this->back_target != "")
02303                 {
02304                         $tabs_gui->setBackTarget(
02305                                 $this->back_target["text"],$this->back_target["link"]);
02306                 }
02307 
02308                 #if ($rbacsystem->checkAccess('write',$this->rolf_ref_id) && $activate_role_edit)
02309                 if($this->checkAccess('write','edit_permission') && $activate_role_edit)
02310                 {
02311                         $tabs_gui->addTarget("edit_properties",
02312                                 $this->ctrl->getLinkTarget($this, "edit"), array("edit","update"), get_class($this));
02313                 }
02314 
02315                 #if ($rbacsystem->checkAccess('write',$this->rolf_ref_id))
02316                 if($this->checkAccess('write','edit_permission'))
02317                 {
02318                         $force_active = ($_GET["cmd"] == "perm" || $_GET["cmd"] == "")
02319                                 ? true
02320                                 : false;
02321                         $tabs_gui->addTarget("default_perm_settings",
02322                                 $this->ctrl->getLinkTarget($this, "perm"), array("perm", "adoptPermSave", "permSave"),
02323                                 get_class($this),
02324                                 "", $force_active);
02325                 }
02326 
02327                 #if ($rbacsystem->checkAccess('write',$this->rolf_ref_id) && $activate_role_edit)
02328                 if($this->checkAccess('write','edit_permission') && $activate_role_edit)
02329                 {
02330                         $tabs_gui->addTarget("user_assignment",
02331                                 $this->ctrl->getLinkTarget($this, "userassignment"),
02332                                 array("deassignUser", "userassignment", "assignUser", "searchUserForm", "search"),
02333                                 get_class($this));
02334                 }
02335 
02336                 #if ($rbacsystem->checkAccess('write',$this->rolf_ref_id) && $activate_role_edit)
02337                 if($this->checkAccess('write','edit_permission') && $activate_role_edit)
02338                 {
02339                         $tabs_gui->addTarget("desktop_items",
02340                                 $this->ctrl->getLinkTarget($this, "listDesktopItems"),
02341                                 array("listDesktopItems", "deleteDesktopItems", "selectDesktopItem", "askDeleteDesktopItem"),
02342                                 get_class($this));
02343                 }
02344         }
02345         
02346         function mailToRoleObject()
02347         {
02348                 global $rbacreview;
02349                 $_SESSION['mail_roles'][] = $rbacreview->getRoleMailboxAddress($this->object->getId());
02350                 $script = 'ilias.php?baseClass=ilMailGUI&type=role';
02351                 ilUtil::redirect($script);
02352         }
02353         
02354         function checkAccess($a_perm_global,$a_perm_obj = '')
02355         {
02356                 global $rbacsystem,$ilAccess;
02357                 
02358                 $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
02359                 
02360                 if($this->rolf_ref_id == ROLE_FOLDER_ID)
02361                 {
02362                         return $rbacsystem->checkAccess($a_perm_global,$this->rolf_ref_id);
02363                 }
02364                 else
02365                 {
02366                         return $ilAccess->checkAccess($a_perm_obj,'',$this->obj_ref_id);
02367                 }
02368         }
02369         
02370 } // END class.ilObjRoleGUI
02371 ?>