ILIAS  Release_4_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilObjRoleGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 include_once "./classes/class.ilObjectGUI.php";
5 include_once './Services/AccessControl/classes/class.ilObjRole.php';
6 
19 class ilObjRoleGUI extends ilObjectGUI
20 {
21  const MODE_GLOBAL_UPDATE = 1;
22  const MODE_GLOBAL_CREATE = 2;
23  const MODE_LOCAL_UPDATE = 3;
24  const MODE_LOCAL_CREATE = 4;
25 
31  var $type;
32 
38  var $rolf_ref_id;
39 
40  protected $obj_ref_id = 0;
41  protected $container_type = '';
42 
43 
44  var $ctrl;
45 
50  function __construct($a_data,$a_id,$a_call_by_reference = false,$a_prepare_output = true)
51  {
52  global $tree,$lng;
53 
54  $lng->loadLanguageModule('rbac');
55 
56  //TODO: move this to class.ilias.php
57  define("USER_FOLDER_ID",7);
58 
59  if($_GET['rolf_ref_id'] != '')
60  {
61  $this->rolf_ref_id = $_GET['rolf_ref_id'];
62  }
63  else
64  {
65  $this->rolf_ref_id = $_GET['ref_id'];
66  }
67  // Add ref_id of object that contains this role folder
68  $this->obj_ref_id = $tree->getParentId($this->rolf_ref_id);
69  $this->container_type = ilObject::_lookupType(ilObject::_lookupObjId($this->obj_ref_id));
70 
71  $this->type = "role";
72  $this->ilObjectGUI($a_data,$a_id,$a_call_by_reference,false);
73  $this->ctrl->saveParameter($this, array("obj_id", "rolf_ref_id"));
74  }
75 
76 
77  function &executeCommand()
78  {
79 
80  global $rbacsystem;
81 
82  // todo: clean this mess up, but note that there are several
83  // points where roles can be edited:
84  // - repository categories, courses, groups, learning modules
85  // glossaries (see object.xml)
86  // - administration -> repository trash and permissions ->
87  // item ->edit role
88  // - administration -> repository trash and permissions ->
89  // role folder -> role
90  // - administration -> roles -> role
91  if($this->ctrl->getTargetScript() == 'repository.php' ||
92  $this->ctrl->getTargetScript() == 'role.php' ||
93  $this->ctrl->getTargetScript() == 'fblm_edit.php' ||
94  strtolower($_GET["baseClass"]) == 'ilchathandlergui' ||
95  strtolower($_GET["baseClass"]) == 'ilchatpresentationgui' ||
96  strtolower($_GET["baseClass"]) == 'illmeditorgui' ||
97  strtolower($_GET["baseClass"]) == 'ilexercisehandlergui' ||
98  strtolower($_GET["baseClass"]) == 'illinkresourcehandlergui' ||
99  strtolower($_GET["baseClass"]) == 'ilsahseditgui' ||
100  strtolower($_GET["baseClass"]) == 'ilobjsurveygui' ||
101  strtolower($_GET["baseClass"]) == 'ilwikihandlergui' ||
102  strtolower($_GET["baseClass"]) == 'ilmediapoolpresentation' ||
103  strtolower($_GET["baseClass"]) == 'ilobjsurveyquestionpoolgui' ||
104  strtolower($_GET["baseClass"]) == 'ilobjtestgui' ||
105  strtolower($_GET["baseClass"]) == 'ilobjquestionpoolgui' ||
106  strtolower($_GET["baseClass"]) == 'ilglossaryeditorgui' ||
107  $_GET["admin_mode"] == "repository")
108  {
109  $this->__prepareOutput();
110  }
111  else
112  {
113  if ($_GET["ref_id"] != SYSTEM_FOLDER_ID)
114  {
115  $this->prepareOutput();
116  }
117  else
118  {
119  //$this->setAdminTabs();
120  //$this->addAdminLocatorItems();
121  //$tpl->setLocator();
122  }
123  }
124 
125  $next_class = $this->ctrl->getNextClass($this);
126  $cmd = $this->ctrl->getCmd();
127 
128  switch($next_class)
129  {
130  case 'ilrepositorysearchgui':
131  include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
132  $rep_search =& new ilRepositorySearchGUI();
133  $rep_search->setCallback($this,'addUserObject');
134 
135  // Set tabs
136  $this->tabs_gui->setTabActive('user_assignment');
137  $this->ctrl->setReturn($this,'userassignment');
138  $ret =& $this->ctrl->forwardCommand($rep_search);
139  break;
140 
141  default:
142  if(!$cmd)
143  {
144  if($this->showDefaultPermissionSettings())
145  {
146  $cmd = "perm";
147  }
148  else
149  {
150  $cmd = 'userassignment';
151  }
152  }
153  $cmd .= "Object";
154  $this->$cmd();
155 
156  break;
157  }
158 
159  return true;
160  }
161 
165  function setBackTarget($a_text, $a_link)
166  {
167  $this->back_target = array("text" => $a_text,
168  "link" => $a_link);
169  }
170 
171  public function getBackTarget()
172  {
173  return $this->back_target ? $this->back_target : array();
174  }
175 
179  function getAdminTabs(&$tabs_gui)
180  {
181  $this->getTabs($tabs_gui);
182  }
183 
188  protected function getContainerType()
189  {
190  return $this->container_type;
191  }
192 
197  protected function showDefaultPermissionSettings()
198  {
199  global $objDefinition;
200 
201  return $objDefinition->isContainer($this->getContainerType());
202  }
203 
204 
205  function listDesktopItemsObject()
206  {
207  global $rbacsystem,$rbacreview,$tree;
208 
209 
210  #if(!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
211  /*
212  if(!$this->checkAccess('edit_permission'))
213  {
214  ilUtil::sendFailure()
215  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
216  }
217  */
218  if(!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
219  $this->rolf_ref_id != ROLE_FOLDER_ID)
220  {
221  ilUtil::sendInfo($this->lng->txt('role_no_users_no_desk_items'));
222  return true;
223  }
224 
225 
226  include_once './classes/class.ilRoleDesktopItem.php';
227  $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
228 
229  if($rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
230  {
231  $this->__showButton('selectDesktopItem',$this->lng->txt('role_desk_add'));
232  }
233  if(!count($items = $role_desk_item_obj->getAll()))
234  {
235  ilUtil::sendInfo($this->lng->txt('role_desk_none_created'));
236  return true;
237  }
238  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_list.html");
239  $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
240  $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.gif'));
241  $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
242  $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
243  $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
244  $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
245  $this->tpl->setVariable("IMG_ARROW",ilUtil::getImagePath('arrow_downright.gif'));
246 
247  $counter = 0;
248 
249  foreach($items as $role_item_id => $item)
250  {
251  $tmp_obj = ilObjectFactory::getInstanceByRefId($item['item_id']);
252 
253  if(strlen($desc = $tmp_obj->getDescription()))
254  {
255  $this->tpl->setCurrentBlock("description");
256  $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
257  $this->tpl->parseCurrentBlock();
258  }
259  $this->tpl->setCurrentBlock("desk_row");
260  $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
261  $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
262  $this->tpl->setVariable("CHECK_DESK",ilUtil::formCheckBox(0,'del_desk_item[]',$role_item_id));
263  $this->tpl->setVariable("TXT_PATH",$this->lng->txt('path').':');
264  $this->tpl->setVariable("PATH",$this->__formatPath($tree->getPathFull($item['item_id'])));
265  $this->tpl->parseCurrentBlock();
266  }
267 
268  return true;
269  }
270 
271  function askDeleteDesktopItemObject()
272  {
273  global $rbacsystem;
274 
275 
276  #if(!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
277  if(!$this->checkAccess('edit_permission'))
278  {
279  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
280  }
281  if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
282  {
283  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
284  }
285  if(!count($_POST['del_desk_item']))
286  {
287  ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
288 
289  $this->listDesktopItemsObject();
290 
291  return true;
292  }
293  ilUtil::sendQuestion($this->lng->txt('role_sure_delete_desk_items'));
294 
295  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_ask_delete_desktop_item.html");
296  $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
297  $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.gif'));
298  $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
299  $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
300  $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
301  $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
302  $this->tpl->setVariable("BTN_CANCEL",$this->lng->txt('cancel'));
303 
304  include_once './classes/class.ilRoleDesktopItem.php';
305 
306  $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
307 
308  $counter = 0;
309 
310  foreach($_POST['del_desk_item'] as $role_item_id)
311  {
312  $item_data = $role_desk_item_obj->getItem($role_item_id);
313  $tmp_obj =& ilObjectFactory::getInstanceByRefId($item_data['item_id']);
314 
315  if(strlen($desc = $tmp_obj->getDescription()))
316  {
317  $this->tpl->setCurrentBlock("description");
318  $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
319  $this->tpl->parseCurrentBlock();
320  }
321  $this->tpl->setCurrentBlock("desk_row");
322  $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
323  $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
324  $this->tpl->parseCurrentBlock();
325  }
326 
327  $_SESSION['role_del_desk_items'] = $_POST['del_desk_item'];
328 
329  return true;
330  }
331 
332  function deleteDesktopItemsObject()
333  {
334  global $rbacsystem;
335 
336  #if (!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
337  if(!$this->checkAccess('edit_permission'))
338  {
339  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
340  }
341 
342  if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
343  {
344  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
345  }
346 
347  if (!count($_SESSION['role_del_desk_items']))
348  {
349  ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
350 
351  $this->listDesktopItemsObject();
352 
353  return true;
354  }
355 
356  include_once './classes/class.ilRoleDesktopItem.php';
357 
358  $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
359 
360  foreach ($_SESSION['role_del_desk_items'] as $role_item_id)
361  {
362  $role_desk_item_obj->delete($role_item_id);
363  }
364 
365  ilUtil::sendSuccess($this->lng->txt('role_deleted_desktop_items'));
366  $this->listDesktopItemsObject();
367 
368  return true;
369  }
370 
371 
372  function selectDesktopItemObject()
373  {
374  global $rbacsystem,$tree;
375 
376  include_once './classes/class.ilRoleDesktopItemSelector.php';
377  include_once './classes/class.ilRoleDesktopItem.php';
378 
379  if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
380  {
381  #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
382  ilUtil::sendFailure($this->lng->txt('permission_denied'));
383  $this->listDesktopItemsObject();
384  return false;
385  }
386 
387  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_selector.html");
388  $this->__showButton('listDesktopItems',$this->lng->txt('back'));
389 
390  ilUtil::sendInfo($this->lng->txt("role_select_desktop_item"));
391 
392  $exp = new ilRoleDesktopItemSelector($this->ctrl->getLinkTarget($this,'selectDesktopItem'),
393  new ilRoleDesktopItem($this->object->getId()));
394  $exp->setExpand($_GET["role_desk_item_link_expand"] ? $_GET["role_desk_item_link_expand"] : $tree->readRootId());
395  $exp->setExpandTarget($this->ctrl->getLinkTarget($this,'selectDesktopItem'));
396 
397  $exp->setOutput(0);
398 
399  $output = $exp->getOutput();
400  $this->tpl->setVariable("EXPLORER",$output);
401  //$this->tpl->setVariable("EXPLORER", $exp->getOutput());
402 
403  return true;
404  }
405 
406  function assignDesktopItemObject()
407  {
408  global $rbacsystem;
409 
410  if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
411  {
412  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
413  return false;
414  }
415 
416 
417  if (!isset($_GET['item_id']))
418  {
419  ilUtil::sendFailure($this->lng->txt('role_no_item_selected'));
420  $this->selectDesktopItemObject();
421 
422  return false;
423  }
424 
425  include_once './classes/class.ilRoleDesktopItem.php';
426 
427  $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
428  $role_desk_item_obj->add((int) $_GET['item_id'],ilObject::_lookupType((int) $_GET['item_id'],true));
429 
430  ilUtil::sendSuccess($this->lng->txt('role_assigned_desktop_item'));
431 
432  $this->ctrl->redirect($this,'listDesktopItems');
433  return true;
434  }
435 
441  protected function initFormRoleProperties($a_mode)
442  {
443  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
444  $this->form = new ilPropertyFormGUI();
445 
446  if($this->creation_mode)
447  {
448  $this->ctrl->setParameter($this, "new_type", 'role');
449  }
450  $this->form->setFormAction($this->ctrl->getFormAction($this));
451 
452  switch($a_mode)
453  {
454  case self::MODE_GLOBAL_CREATE:
455  $this->form->setTitle($this->lng->txt('role_new'));
456  $this->form->addCommandButton('save',$this->lng->txt('role_new'));
457  break;
458 
459  case self::MODE_GLOBAL_UPDATE:
460  $this->form->setTitle($this->lng->txt('role_edit'));
461  $this->form->addCommandButton('update', $this->lng->txt('save'));
462  break;
463 
464  case self::MODE_LOCAL_CREATE:
465  case self::MODE_LOCAL_UPDATE:
466  }
467  // Fix cancel
468  $this->form->addCommandButton('cancel', $this->lng->txt('cancel'));
469 
470  $title = new ilTextInputGUI($this->lng->txt('title'),'title');
471  if(ilObjRole::isAutoGenerated($this->object->getId()))
472  {
473  $title->setDisabled(true);
474  }
475  $title->setValidationRegexp('/^(?!il_).*$/');
476  $title->setValidationFailureMessage($this->lng->txt('msg_role_reserved_prefix'));
477  $title->setSize(40);
478  $title->setMaxLength(70);
479  $title->setRequired(true);
480  $this->form->addItem($title);
481 
482  $desc = new ilTextAreaInputGUI($this->lng->txt('description'),'desc');
483  if(ilObjRole::isAutoGenerated($this->object->getId()))
484  {
485  $desc->setDisabled(true);
486  }
487  $desc->setCols(40);
488  $desc->setRows(3);
489  $this->form->addItem($desc);
490 
491  if($this->rolf_ref_id == ROLE_FOLDER_ID)
492  {
493  $reg = new ilCheckboxInputGUI($this->lng->txt('allow_register'),'reg');
494  $reg->setValue(1);
495  #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info'));
496  $this->form->addItem($reg);
497 
498  $la = new ilCheckboxInputGUI($this->lng->txt('allow_assign_users'),'la');
499  $la->setValue(1);
500  #$la->setInfo($this->lng->txt('rbac_local_admin_info'));
501  $this->form->addItem($la);
502  }
503 
504  $pro = new ilCheckboxInputGUI($this->lng->txt('role_protect_permissions'),'pro');
505  $pro->setValue(1);
506  #$pro->setInfo($this->lng->txt('role_protext_permission_info'));
507  $this->form->addItem($pro);
508 
509  include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
510  if(ilDiskQuotaActivationChecker::_isActive())
511  {
512  $quo = new ilNumberInputGUI($this->lng->txt('disk_quota'),'disk_quota');
513  $quo->setMinValue(0);
514  $quo->setSize(4);
515  $quo->setInfo($this->lng->txt('enter_in_mb_desc').'<br />'.$this->lng->txt('disk_quota_on_role_desc'));
516  $this->form->addItem($quo);
517  }
518 
519  return true;
520  }
521 
527  protected function loadRoleProperties(ilObjRole $role)
528  {
529  $role->setTitle($this->form->getInput('title'));
530  $role->setDescription($this->form->getInput('desc'));
531  $role->setAllowRegister($this->form->getInput('reg'));
532  $role->toggleAssignUsersStatus($this->form->getInput('la'));
533  $role->setDiskQuota($this->form->getInput('disk_quota') * pow(ilFormat::_getSizeMagnitude(),2));
534  return true;
535  }
536 
542  protected function readRoleProperties(ilObjRole $role)
543  {
544  global $rbacreview;
545 
546  include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
547 
548  $data['title'] = $role->getTitle();
549  $data['desc'] = $role->getDescription();
550  $data['reg'] = $role->getAllowRegister();
551  $data['la'] = $role->getAssignUsersStatus();
552  if(ilDiskQuotaActivationChecker::_isActive())
553  {
554  $data['disk_quota'] = $role->getDiskQuota() / (pow(ilFormat::_getSizeMagnitude(),2));
555  }
556  $data['pro'] = $rbacreview->isProtected($this->rolf_ref_id, $role->getId());
557 
558  $this->form->setValuesByArray($data);
559  }
560 
561 
562 
563 
569  public function createObject()
570  {
571  global $rbacsystem;
572 
573  if(!$rbacsystem->checkAccess('create_role',$this->rolf_ref_id))
574  {
575  $ilErr->raiseError($this->lng->txt('permission_denied'),$ilErr->MESSAGE);
576  }
577 
578  $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
579  $this->tpl->setContent($this->form->getHTML());
580  }
581 
586  public function editObject()
587  {
588  global $rbacsystem, $rbacreview, $ilSetting,$ilErr;
589 
590  if(!$this->checkAccess('write','edit_permission'))
591  {
592  $ilErr->raiseError($this->lng->txt("msg_no_perm_write"),$ilErr->MESSAGE);
593  }
594  $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
595  $this->readRoleProperties($this->object);
596  $this->tpl->setContent($this->form->getHTML());
597  }
598 
604  function editObject2()
605  {
606  global $rbacsystem, $rbacreview, $ilSetting;
607  require_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
608  require_once 'classes/class.ilFormat.php';
609 
610  #if (!$rbacsystem->checkAccess("write", $this->rolf_ref_id))
611  if(!$this->checkAccess('write','edit_permission'))
612  {
613  $this->ilias->raiseError($this->lng->txt("msg_no_perm_write"),$this->ilias->error_obj->MESSAGE);
614  }
615 
616  $this->getTemplateFile("edit");
617 
618  if ($_SESSION["error_post_vars"])
619  {
620  // fill in saved values in case of error
621  if (substr($this->object->getTitle(false),0,3) != "il_")
622  {
623  $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($_SESSION["error_post_vars"]["Fobject"]["title"]),true);
624  $this->tpl->setVariable("DESC",ilUtil::stripSlashes($_SESSION["error_post_vars"]["Fobject"]["desc"]));
625  }
626 
627  $allow_register = ($_SESSION["error_post_vars"]["Fobject"]["allow_register"]) ? "checked=\"checked\"" : "";
628  $assign_users = ($_SESSION["error_post_vars"]["Fobject"]["assign_users"]) ? "checked=\"checked\"" : "";
629  $protect_permissions = ($_SESSION["error_post_vars"]["Fobject"]["protect_permissions"]) ? "checked=\"checked\"" : "";
630  if (ilDiskQuotaActivationChecker::_isActive())
631  {
632  $disk_quota = $_SESSION["error_post_vars"]["Fobject"]["disk_quota"];
633  }
634  }
635  else
636  {
637  if (substr($this->object->getTitle(),0,3) != "il_")
638  {
639  $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($this->object->getTitle()));
640  $this->tpl->setVariable("DESC",ilUtil::stripSlashes($this->object->getDescription()));
641  }
642 
643  $allow_register = ($this->object->getAllowRegister()) ? "checked=\"checked\"" : "";
644  $assign_users = $this->object->getAssignUsersStatus() ? "checked=\"checked\"" : "";
645  if (ilDiskQuotaActivationChecker::_isActive())
646  {
647  $disk_quota = $this->object->getDiskQuota() / ilFormat::_getSizeMagnitude() / ilFormat::_getSizeMagnitude();
648  }
649  $protect_permissions = $rbacreview->isProtected($this->rolf_ref_id,$this->object->getId()) ? "checked=\"checked\"" : "";
650 
651  }
652 
653  $obj_str = "&obj_id=".$this->obj_id;
654 
655  $this->tpl->setVariable("TXT_TITLE",$this->lng->txt("title"));
656  $this->tpl->setVariable("TXT_DESC",$this->lng->txt("desc"));
657 
658  // exclude allow register option for anonymous role, system role and all local roles
659  $global_roles = $rbacreview->getGlobalRoles();
660 
661  $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
662  $this->tpl->setVariable("TXT_HEADER", $this->lng->txt($this->object->getType()."_edit"));
663  $this->tpl->setVariable("TARGET", $this->getTargetFrame("update"));
664  $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
665  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
666  $this->tpl->setVariable("CMD_SUBMIT", "update");
667  $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
668 
669  if (substr($this->object->getTitle(),0,3) == "il_")
670  {
671  $this->tpl->setVariable("SHOW_TITLE",ilObjRole::_getTranslation($this->object->getTitle())." (".$this->object->getTitle().")");
672 
673  $rolf = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
674  $parent_node = $this->tree->getParentNodeData($rolf[0]);
675 
676  $this->tpl->setVariable("SHOW_DESC",$this->lng->txt("obj_".$parent_node['type'])." (".$parent_node['obj_id'].") <br/>".$parent_node['title']);
677 
678  $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
679  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("back"));
680  $this->tpl->setVariable("CMD_SUBMIT", "cancel");
681  }
682 
683  if ($this->object->getId() != ANONYMOUS_ROLE_ID and
684  $this->object->getId() != SYSTEM_ROLE_ID and
685  in_array($this->object->getId(),$global_roles))
686  {
687  $this->tpl->setCurrentBlock("allow_register");
688  $this->tpl->setVariable("TXT_ALLOW_REGISTER",$this->lng->txt("allow_register"));
689  $this->tpl->setVariable("ALLOW_REGISTER",$allow_register);
690  $this->tpl->parseCurrentBlock();
691 
692  $this->tpl->setCurrentBlock("assign_users");
693  $this->tpl->setVariable("TXT_ASSIGN_USERS",$this->lng->txt('allow_assign_users'));
694  $this->tpl->setVariable("ASSIGN_USERS",$assign_users);
695  $this->tpl->parseCurrentBlock();
696 
697  $this->tpl->setCurrentBlock("protect_permissions");
698  $this->tpl->setVariable("TXT_PROTECT_PERMISSIONS",$this->lng->txt('role_protect_permissions'));
699  $this->tpl->setVariable("PROTECT_PERMISSIONS",$protect_permissions);
700  $this->tpl->parseCurrentBlock();
701 
702  require_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
703  if (ilDiskQuotaActivationChecker::_isActive())
704  {
705  $this->tpl->setCurrentBlock("disk_quota");
706  $this->tpl->setVariable("TXT_DISK_QUOTA",$this->lng->txt("disk_quota"));
707  $this->tpl->setVariable("TXT_DISK_QUOTA_DESC",$this->lng->txt("enter_in_mb_desc").'<br>'.$this->lng->txt("disk_quota_on_role_desc"));
708  $this->tpl->setVariable("DISK_QUOTA",$disk_quota);
709  $this->tpl->parseCurrentBlock();
710  }
711  }
712  }
713 
714 
719  public function saveObject()
720  {
721  global $rbacadmin,$rbacreview;
722 
723  $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
724  if($this->form->checkInput() and !$this->checkDuplicate())
725  {
726  include_once './Services/AccessControl/classes/class.ilObjRole.php';
727  $this->loadRoleProperties($this->role = new ilObjRole());
728  $this->role->create();
729  $rbacadmin->assignRoleToFolder($this->role->getId(), $this->rolf_ref_id,'y');
730  $rbacadmin->setProtected(
731  $this->rolf_ref_id,
732  $this->role->getId(),
733  $this->form->getInput('pro') ? 'y' : 'n'
734  );
735  ilUtil::sendSuccess($this->lng->txt("role_added"),true);
736  $this->ctrl->returnToParent($this);
737  }
738 
739  ilUtil::sendFailure($this->lng->txt('err_check_input'));
740  $this->form->setValuesByPost();
741  $this->tpl->setContent($this->form->getHTML());
742  return false;
743  }
744 
749  protected function checkDuplicate($a_role_id = 0)
750  {
751  global $rbacreview;
752 
753  foreach($rbacreview->getRolesOfRoleFolder($this->rolf_ref_id) as $role_id)
754  {
755  if($role_id == $a_role_id)
756  {
757  continue;
758  }
759 
760  $title = trim(ilObject::_lookupTitle($role_id));
761  if(strcmp($title, trim($this->form->getInput('title'))) === 0)
762  {
763  $this->form->getItemByPostVar('title')->setAlert($this->lng->txt('rbac_role_exists_alert'));
764  return true;
765  }
766  }
767  return false;
768  }
769 
774  public function updateObject()
775  {
776  global $rbacadmin;
777 
778  $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
779  if($this->form->checkInput() and !$this->checkDuplicate($this->object->getId()))
780  {
781  include_once './Services/AccessControl/classes/class.ilObjRole.php';
782  $this->loadRoleProperties($this->object);
783  $this->object->update();
784  $rbacadmin->setProtected(
785  $this->rolf_ref_id,
786  $this->object->getId(),
787  $this->form->getInput('pro') ? 'y' : 'n'
788  );
789  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
790  $this->ctrl->redirect($this,'edit');
791  }
792 
793  ilUtil::sendFailure($this->lng->txt('err_check_input'));
794  $this->form->setValuesByPost();
795  $this->tpl->setContent($this->form->getHTML());
796  return false;
797  }
798 
799 
800 
801 
807  function permObject()
808  {
809  global $rbacadmin, $rbacreview, $rbacsystem, $objDefinition, $tree,$ilTabs;
810 
811  $ilTabs->setTabActive('default_perm_settings');
812 
813  $access = $this->checkAccess('visible,write','edit_permission');
814  if (!$access)
815  {
816  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
817  }
818 
819 
820  $perm_def = $this->object->__getPermissionDefinitions();
821 
822  $rbac_objects =& $perm_def[0];
823  $rbac_operations =& $perm_def[1];
824 
825  foreach ($rbac_objects as $key => $obj_data)
826  {
827  if ($objDefinition->isPlugin($obj_data["type"]))
828  {
829  $rbac_objects[$key]["name"] = ilPlugin::lookupTxt("rep_robj", $obj_data["type"],
830  "obj_".$obj_data["type"]);
831  }
832  else
833  {
834  $rbac_objects[$key]["name"] = $this->lng->txt("obj_".$obj_data["type"]);
835  }
836  $rbac_objects[$key]["ops"] = $rbac_operations[$key];
837  }
838 
839  // for local roles display only the permissions settings for allowed subobjects
840  if ($this->rolf_ref_id != ROLE_FOLDER_ID)
841  {
842  // first get object in question (parent of role folder object)
843  $parent_data = $this->tree->getParentNodeData($this->rolf_ref_id);
844  // get allowed subobjects of object recursively
845  $subobj_data = $this->objDefinition->getSubObjectsRecursively($parent_data["type"]);
846 
847  // remove not allowed object types from array but keep the type definition of object itself
848  foreach ($rbac_objects as $key => $obj_data)
849  {
850  if ($obj_data["type"] == "rolf")
851  {
852  unset($rbac_objects[$key]);
853  continue;
854  }
855 
856  if (!$subobj_data[$obj_data["type"]] and $parent_data["type"] != $obj_data["type"])
857  {
858  unset($rbac_objects[$key]);
859  }
860  }
861  } // end if local roles
862 
863  // now sort computed result
864  //sort($rbac_objects);
865 
866  /*foreach ($rbac_objects as $key => $obj_data)
867  {
868  sort($rbac_objects[$key]["ops"]);
869  }*/
870 
871  // sort by (translated) name of object type
872  $rbac_objects = ilUtil::sortArray($rbac_objects,"name","asc");
873 
874  // BEGIN CHECK_PERM
875  foreach ($rbac_objects as $key => $obj_data)
876  {
877  $arr_selected = $rbacreview->getOperationsOfRole($this->object->getId(), $obj_data["type"], $this->rolf_ref_id);
878  $arr_checked = array_intersect($arr_selected,array_keys($rbac_operations[$obj_data["obj_id"]]));
879 
880  foreach ($rbac_operations[$obj_data["obj_id"]] as $operation)
881  {
882  // check all boxes for system role
883  if ($this->object->getId() == SYSTEM_ROLE_ID)
884  {
885  $checked = true;
886  $disabled = true;
887  }
888  else
889  {
890  $checked = in_array($operation["ops_id"],$arr_checked);
891  $disabled = false;
892  }
893 
894  // Es wird eine 2-dim Post Variable uebergeben: perm[rol_id][ops_id]
895  $box = ilUtil::formCheckBox($checked,"template_perm[".$obj_data["type"]."][]",$operation["ops_id"],$disabled);
896  $output["perm"][$obj_data["obj_id"]][$operation["ops_id"]] = $box;
897  }
898  }
899  // END CHECK_PERM
900 
901  $output["col_anz"] = count($rbac_objects);
902  $output["txt_save"] = $this->lng->txt("save");
903  $output["check_recursive"] = ilUtil::formCheckBox(0,"recursive",1);
904  $output["text_recursive"] = $this->lng->txt("change_existing_objects");
905  $output["text_recursive_desc"] = $this->lng->txt("change_existing_objects_desc");
906 
907  $protected_disabled = true;
908 
909  if ($this->rolf_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id))
910  {
911  $protected_disabled = false;
912  }
913 
914  $output["check_protected"] = ilUtil::formCheckBox($rbacreview->isProtected($this->rolf_ref_id,$this->object->getId()),
915  "protected",
916  1,
917  $protected_disabled);
918 
919  $output["text_protected"] = $this->lng->txt("role_protect_permissions");
920  $output["text_protected_desc"] = $this->lng->txt("role_protect_permissions_desc");
921 
922 
923 /************************************/
924 /* adopt permissions form */
925 /************************************/
926 
927  $output["message_middle"] = $this->lng->txt("adopt_perm_from_template");
928 
929  // send message for system role
930  if ($this->object->getId() == SYSTEM_ROLE_ID)
931  {
932  $output["adopt"] = array();
933  $output["sysrole_msg"] = $this->lng->txt("msg_sysrole_not_editable");
934  }
935  else
936  {
937  // BEGIN ADOPT_PERMISSIONS
938  $parent_role_ids = $rbacreview->getParentRoleIds($this->rolf_ref_id,true);
939  $ids = array();
940  foreach($parent_role_ids as $id => $tmp)
941  {
942  $ids[] = $id;
943  }
944 
945  // Sort ids
946  $sorted_ids = ilUtil::_sortIds($ids,'object_data','type,title','obj_id');
947 
948  // Sort roles by title
949  $sorted_roles = ilUtil::sortArray(array_values($parent_role_ids), 'title', ASC);
950  $key = 0;
951 
952  foreach($sorted_ids as $id)
953  {
954  $par = $parent_role_ids[$id];
955  #foreach ($sorted_roles as $par)
956  #{
957  if ($par["obj_id"] != SYSTEM_ROLE_ID)
958  {
959  $radio = ilUtil::formRadioButton(0,"adopt",$par["obj_id"]);
960  $output["adopt"][$key]["css_row_adopt"] = ($key % 2 == 0) ? "tblrow1" : "tblrow2";
961  $output["adopt"][$key]["check_adopt"] = $radio;
962  $output["adopt"][$key]["role_id"] = $par["obj_id"];
963  $output["adopt"][$key]["type"] = ($par["type"] == 'role' ? 'Role' : 'Template');
964  $output["adopt"][$key]["role_name"] = $par["title"];
965  $output["adopt"][$key]["role_desc"] = $par["desc"];
966  }
967  $key++;
968  }
969 
970  $output["formaction_adopt"] = $this->ctrl->getFormAction($this);
971  // END ADOPT_PERMISSIONS
972  }
973 
974  $output["formaction"] = $this->ctrl->getFormAction($this);
975 
976  $this->data = $output;
977 
978 
979 /************************************/
980 /* generate output */
981 /************************************/
982 
983  $this->tpl->addBlockfile('ADM_CONTENT','adm_content','tpl.adm_perm_role.html');
984 
985 
986  if($access and $this->object->isDeletable($this->rolf_ref_id))
987  {
988  $this->tpl->setVariable('LINK_DELETE_ROLE',$this->ctrl->getLinkTarget($this,'confirmDeleteRole'));
989  $this->tpl->setVariable('TXT_DELETE_ROLE',$this->lng->txt('rbac_delete_role'));
990  $this->tpl->setVariable('TXT_FOOTER_DELETE_ROLE',$this->lng->txt('rbac_delete_role'));
991  }
992 
993  foreach ($rbac_objects as $obj_data)
994  {
995  // BEGIN object_operations
996  $this->tpl->setCurrentBlock("object_operations");
997 
998  $ops_ids = "";
999 
1000  foreach ($obj_data["ops"] as $operation)
1001  {
1002  $ops_ids[] = $operation["ops_id"];
1003 
1004  //$css_row = ilUtil::switchColor($j++, "tblrow1", "tblrow2");
1005  $css_row = "tblrow1";
1006  $this->tpl->setVariable("CSS_ROW",$css_row);
1007  $this->tpl->setVariable("PERMISSION",$operation["name"]);
1008  if (substr($operation["title"], 0, 7) == "create_")
1009  {
1010  if ($this->objDefinition->getDevMode(substr($operation["title"], 7, strlen($operation["title"]) -7)))
1011  {
1012  $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_implemented_yet").")");
1013  }
1014  }
1015  $this->tpl->setVariable("CHECK_PERMISSION",$this->data["perm"][$obj_data["obj_id"]][$operation["ops_id"]]);
1016  $this->tpl->setVariable("LABEL_ID","template_perm_".$obj_data["type"]."_".$operation["ops_id"]);
1017  $this->tpl->parseCurrentBlock();
1018  } // END object_operations
1019 
1020  // BEGIN object_type
1021  $this->tpl->setCurrentBlock("object_type");
1022 
1023  // add administration for adminstrative items
1024  if ($objDefinition->isSystemObject($obj_data["type"]) &&
1025  $obj_data["type"] != "root")
1026  {
1027  $this->tpl->setVariable("TXT_ADMINIS", "(".$this->lng->txt("administration").") ");
1028  }
1029 
1030  $this->tpl->setVariable("TXT_OBJ_TYPE",$obj_data["name"]);
1031 
1032 // TODO: move this if in a function and query all objects that may be disabled or inactive
1033  if ($this->objDefinition->getDevMode($obj_data["type"]))
1034  {
1035  $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_implemented_yet").")");
1036  }
1037  else if ($obj_data["type"] == "icrs" and !$this->ilias->getSetting("ilinc_active"))
1038  {
1039  $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_enabled_or_configured").")");
1040  }
1041 
1042  // option: change permissions of exisiting objects of that type
1043  $this->tpl->setVariable("OBJ_TYPE",$obj_data["type"]);
1044  $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE_DESC",$this->lng->txt("change_existing_object_type_desc"));
1045 
1046  // use different Text for system objects
1047  if ($objDefinition->isPlugin($obj_data["type"]))
1048  {
1049  $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE",$this->lng->txt("change_existing_prefix")." ".
1050  ilPlugin::lookupTxt("rep_robj", $obj_data["type"], "objs_".$obj_data["type"]).
1051  " ".$this->lng->txt("change_existing_suffix"));
1052  }
1053  else if ($objDefinition->isSystemObject($obj_data["type"]))
1054  {
1055  $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE",$this->lng->txt("change_existing_prefix_single")." ".$this->lng->txt("obj_".$obj_data["type"])." ".$this->lng->txt("change_existing_suffix_single"));
1056 
1057  }
1058  else
1059  {
1060  $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE",$this->lng->txt("change_existing_prefix")." ".$this->lng->txt("objs_".$obj_data["type"])." ".$this->lng->txt("change_existing_suffix"));
1061  }
1062 
1063  // js checkbox toggles
1064  $this->tpl->setVariable("JS_VARNAME","template_perm_".$obj_data["type"]);
1065  $this->tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($ops_ids));
1066  $this->tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
1067  $this->tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
1068 
1069  $this->tpl->parseCurrentBlock();
1070  // END object_type
1071  }
1072 
1073  // don't display adopt permissions form for system role
1074  if ($this->object->getId() != SYSTEM_ROLE_ID)
1075  {
1076  // BEGIN ADOPT PERMISSIONS
1077  foreach ($this->data["adopt"] as $key => $value)
1078  {
1079  $this->tpl->setCurrentBlock("ADOPT_PERM_ROW");
1080  $this->tpl->setVariable("CSS_ROW_ADOPT",$value["css_row_adopt"]);
1081  $this->tpl->setVariable("CHECK_ADOPT",$value["check_adopt"]);
1082  $this->tpl->setVariable("LABEL_ID",$value["role_id"]);
1083  $this->tpl->setVariable("TYPE",$value["type"]);
1084  $this->tpl->setVariable("ROLE_NAME",$value["role_name"]);
1085  if(strlen($value['role_desc']))
1086  {
1087  $this->tpl->setVariable('ROLE_DESC',$value['role_desc']);
1088  }
1089 
1090  $this->tpl->parseCurrentBlock();
1091  }
1092 
1093  $this->tpl->setCurrentBlock("ADOPT_PERM_FORM");
1094  $this->tpl->setVariable("MESSAGE_MIDDLE",$this->data["message_middle"]);
1095  $this->tpl->setVariable("FORMACTION_ADOPT",$this->data["formaction_adopt"]);
1096  $this->tpl->setVariable("ADOPT",$this->lng->txt('copy'));
1097  $this->tpl->parseCurrentBlock();
1098  // END ADOPT PERMISSIONS
1099 
1100  $this->tpl->setCurrentBlock("tblfooter_special_options");
1101  $this->tpl->setVariable("TXT_PERM_SPECIAL_OPTIONS",$this->lng->txt("perm_special_options"));
1102  $this->tpl->parseCurrentBlock();
1103 
1104  $this->tpl->setCurrentBlock("tblfooter_recursive");
1105  $this->tpl->setVariable("COL_ANZ",3);
1106  $this->tpl->setVariable("CHECK_RECURSIVE",$this->data["check_recursive"]);
1107  $this->tpl->setVariable("TXT_RECURSIVE",$this->data["text_recursive"]);
1108  $this->tpl->setVariable("TXT_RECURSIVE_DESC",$this->data["text_recursive_desc"]);
1109  $this->tpl->parseCurrentBlock();
1110 
1111  $this->tpl->setCurrentBlock("tblfooter_protected");
1112  $this->tpl->setVariable("COL_ANZ",3);
1113  $this->tpl->setVariable("CHECK_PROTECTED",$this->data["check_protected"]);
1114  $this->tpl->setVariable("TXT_PROTECTED",$this->data["text_protected"]);
1115  $this->tpl->setVariable("TXT_PROTECTED_DESC",$this->data["text_protected_desc"]);
1116  $this->tpl->parseCurrentBlock();
1117 
1118  $this->tpl->setCurrentBlock("tblfooter_standard");
1119  $this->tpl->setVariable("COL_ANZ_PLUS",3);
1120  $this->tpl->setVariable("TXT_SAVE",$this->data["txt_save"]);
1121  $this->tpl->parseCurrentBlock();
1122  }
1123  else
1124  {
1125  // display form buttons not for system role
1126  $this->tpl->setCurrentBlock("tblfooter_sysrole");
1127  $this->tpl->setVariable("COL_ANZ_SYS",3);
1128  $this->tpl->parseCurrentBlock();
1129 
1130  // display sysrole_msg
1131  $this->tpl->setCurrentBlock("sysrole_msg");
1132  $this->tpl->setVariable("TXT_SYSROLE_MSG",$this->data["sysrole_msg"]);
1133  $this->tpl->parseCurrentBlock();
1134  }
1135 
1136  $this->tpl->setCurrentBlock("adm_content");
1137  $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath("icon_".$this->object->getType().".gif"));
1138  $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt($this->object->getType()));
1139  $this->tpl->setVariable("TBL_HELP_IMG",ilUtil::getImagePath("icon_help.gif"));
1140  $this->tpl->setVariable("TBL_HELP_LINK","tbl_help.php");
1141  $this->tpl->setVariable("TBL_HELP_IMG_ALT",$this->lng->txt("help"));
1142 
1143  // compute additional information in title
1144  $global_roles = $rbacreview->getGlobalRoles();
1145 
1146  if (in_array($this->object->getId(),$global_roles))
1147  {
1148  $desc = "global";
1149  }
1150  else
1151  {
1152  // description for autogenerated roles
1153  if($rolf = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true))
1154  {
1155  $parent_node = $this->tree->getParentNodeData($rolf[0]);
1156  $desc = $this->lng->txt("obj_".$parent_node['type'])." (#".$parent_node['obj_id'].") : ".$parent_node['title'];
1157  }
1158  }
1159 
1160  $description = "&nbsp;<span class=\"small\">(".$desc.")</span>";
1161 
1162  // translation for autogenerated roles
1163  if (substr($this->object->getTitle(),0,3) == "il_")
1164  {
1165  $title = ilObjRole::_getTranslation($this->object->getTitle())." (".$this->object->getTitle().")";
1166  }
1167  else
1168  {
1169  $title = $this->object->getTitle();
1170  }
1171 
1172  $this->tpl->setVariable("TBL_TITLE",$title.$description);
1173 
1174  // info text
1175  $pid = $tree->getParentId($this->rolf_ref_id);
1176  $ptitle = ilObject::_lookupTitle(ilObject::_lookupObjId($pid));
1177  if ($this->rolf_ref_id != ROLE_FOLDER_ID)
1178  {
1179  $info = sprintf($this->lng->txt("perm_role_info_1"),
1180  $this->object->getTitle(), $ptitle)." ".
1181  sprintf($this->lng->txt("perm_role_info_2"),
1182  $this->object->getTitle(), $ptitle);
1183  }
1184  else
1185  {
1186  $info = sprintf($this->lng->txt("perm_role_info_glob_1"),
1187  $this->object->getTitle(), $ptitle)." ".
1188  sprintf($this->lng->txt("perm_role_info_glob_2"),
1189  $this->object->getTitle(), $ptitle);
1190  }
1191  $this->tpl->setVariable("TXT_TITLE_INFO", $info);
1192 
1193  $this->tpl->setVariable("TXT_PERMISSION",$this->data["txt_permission"]);
1194  $this->tpl->setVariable("FORMACTION",$this->data["formaction"]);
1195  $this->tpl->parseCurrentBlock();
1196 
1197  //var_dump($this->data["formaction"]);
1198  }
1199 
1204  protected function confirmDeleteRoleObject()
1205  {
1206  global $ilErr,$rbacreview,$ilUser;
1207 
1208  $access = $this->checkAccess('visible,write','edit_permission');
1209  if (!$access)
1210  {
1211  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->WARNING);
1212  }
1213 
1214  $question = $this->lng->txt('rbac_role_delete_qst');
1215  if($rbacreview->isAssigned($ilUser->getId(), $this->object->getId()))
1216  {
1217  $question .= ('<br />'.$this->lng->txt('rbac_role_delete_self'));
1218  }
1219  ilUtil::sendQuestion($question);
1220 
1221  include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
1222 
1223  $confirm = new ilConfirmationGUI();
1224  $confirm->setFormAction($this->ctrl->getFormAction($this));
1225  $confirm->setHeaderText($question);
1226  $confirm->setCancel($this->lng->txt('cancel'), 'perm');
1227  $confirm->setConfirm($this->lng->txt('rbac_delete_role'), 'performDeleteRole');
1228 
1229  $confirm->addItem(
1230  'role',
1231  $this->object->getId(),
1232  $this->object->getTitle(),
1233  ilUtil::getImagePath('icon_role.gif')
1234  );
1235 
1236  $this->tpl->setContent($confirm->getHTML());
1237  return true;
1238  }
1239 
1244  protected function performDeleteRoleObject()
1245  {
1246  global $ilErr;
1247 
1248  $access = $this->checkAccess('visible,write','edit_permission');
1249  if (!$access)
1250  {
1251  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->WARNING);
1252  }
1253 
1254  $this->object->setParent((int) $_GET['rolf_ref_id']);
1255  $this->object->delete();
1256  ilUtil::sendSuccess($this->lng->txt('msg_deleted_role'),true);
1257 
1258  if($back = $this->getBackTarget())
1259  {
1260  ilUtil::redirect($back['link']);
1261  }
1262  else
1263  {
1264  $this->ctrl->returnToParent($this);
1265  }
1266  }
1267 
1273  function permSaveObject()
1274  {
1275  global $rbacsystem, $rbacadmin, $rbacreview, $objDefinition, $tree;
1276 
1277  // for role administration check write of global role folder
1278  /*
1279  if ($this->rolf_ref_id == ROLE_FOLDER_ID)
1280  {
1281  $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
1282  }
1283  else // for local roles check 'edit permission' of parent object of the local role folder
1284  {
1285  $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
1286  }
1287  */
1288  $access = $this->checkAccess('visible,write','edit_permission');
1289 
1290  if (!$access)
1291  {
1292  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
1293  }
1294 
1295  // delete all template entries
1296  $rbacadmin->deleteRolePermission($this->object->getId(), $this->rolf_ref_id);
1297 
1298  if (empty($_POST["template_perm"]))
1299  {
1300  $_POST["template_perm"] = array();
1301  }
1302 
1303  foreach ($_POST["template_perm"] as $key => $ops_array)
1304  {
1305  // sets new template permissions
1306  $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->rolf_ref_id);
1307  }
1308 
1309  // update object data entry (to update last modification date)
1310  $this->object->update();
1311 
1312  // set protected flag
1313  if ($this->rolf_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id))
1314  {
1315  $rbacadmin->setProtected($this->rolf_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST['protected']));
1316  }
1317 
1318  // Redirect if Change existing objects is not chosen
1319  if(!$_POST['recursive'] and !is_array($_POST['recursive_list']))
1320  {
1321  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
1322  $this->ctrl->redirect($this, "perm");
1323  }
1324 
1325  // New implementation
1326  if($this->isChangeExistingObjectsConfirmationRequired())
1327  {
1328  $this->showChangeExistingObjectsConfirmation();
1329  return true;
1330  }
1331 
1332  $start = ($this->rolf_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $tree->getParentId($this->rolf_ref_id));
1333  if($_POST['protected'])
1334  {
1335  $this->object->changeExistingObjects(
1336  $start,
1337  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
1338  array('all')
1339  );
1340  }
1341  else
1342  {
1343  $this->object->changeExistingObjects(
1344  $start,
1345  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
1346  array('all')
1347  );
1348  }
1349  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
1350  $this->ctrl->redirect($this,'perm');
1351  return true;
1352 
1353 
1354  // CHANGE ALL EXISTING OBJECT UNDER PARENT NODE OF ROLE FOLDER
1355  // BUT DON'T CHANGE PERMISSIONS OF SUBTREE OBJECTS IF INHERITANCE WAS STOPPED
1356  if ($_POST["recursive"] or is_array($_POST["recursive_list"]))
1357  {
1358  // IF ROLE IS A GLOBAL ROLE START AT ROOT
1359  if ($this->rolf_ref_id == ROLE_FOLDER_ID)
1360  {
1361  $node_id = ROOT_FOLDER_ID;
1362  }
1363  else
1364  {
1365  $node_id = $this->tree->getParentId($this->rolf_ref_id);
1366  }
1367 
1368  // GET ALL SUBNODES
1369  $node_data = $this->tree->getNodeData($node_id);
1370  $subtree_nodes = $this->tree->getSubTree($node_data);
1371 
1372  // GET ALL OBJECTS THAT CONTAIN A ROLE FOLDER
1373  $all_parent_obj_of_rolf = $rbacreview->getObjectsWithStopedInheritance($this->object->getId());
1374 
1375  // DELETE ACTUAL ROLE FOLDER FROM ARRAY
1376  if ($this->rolf_ref_id == ROLE_FOLDER_ID)
1377  {
1378  $key = array_keys($all_parent_obj_of_rolf,SYSTEM_FOLDER_ID);
1379  }
1380  else
1381  {
1382  $key = array_keys($all_parent_obj_of_rolf,$node_id);
1383  }
1384 
1385  unset($all_parent_obj_of_rolf[$key[0]]);
1386 
1387  $check = false;
1388 
1389  foreach ($subtree_nodes as $node)
1390  {
1391  if (!$check)
1392  {
1393  if (in_array($node["child"],$all_parent_obj_of_rolf))
1394  {
1395  $lft = $node["lft"];
1396  $rgt = $node["rgt"];
1397  $check = true;
1398  continue;
1399  }
1400 
1401  $valid_nodes[] = $node;
1402  }
1403  else
1404  {
1405  if (($node["lft"] > $lft) && ($node["rgt"] < $rgt))
1406  {
1407  continue;
1408  }
1409  else
1410  {
1411  $check = false;
1412 
1413  if (in_array($node["child"],$all_parent_obj_of_rolf))
1414  {
1415  $lft = $node["lft"];
1416  $rgt = $node["rgt"];
1417  $check = true;
1418  continue;
1419  }
1420 
1421  $valid_nodes[] = $node;
1422  }
1423  }
1424  }
1425 
1426  // Prepare arrays for permission settings below
1427  foreach ($valid_nodes as $key => $node)
1428  {
1429  // To change only selected object types filter selected object types
1430  if (is_array($_POST["recursive_list"]) and !in_array($node["type"],$_POST["recursive_list"]))
1431  {
1432  unset($valid_nodes[$key]);
1433  continue;
1434  }
1435 
1436  $node_ids[] = $node["child"];
1437  $valid_nodes[$key]["perms"] = $_POST["template_perm"][$node["type"]];
1438  }
1439 
1440  // prepare arrays for permission settings below
1441  /*foreach ($valid_nodes as $key => $node)
1442  {
1443  #if(!in_array($node["type"],$to_filter))
1444  {
1445  $node_ids[] = $node["child"];
1446  $valid_nodes[$key]["perms"] = $_POST["template_perm"][$node["type"]];
1447  }
1448  }*/
1449 
1450  if (!empty($node_ids))
1451  {
1452  // FIRST REVOKE PERMISSIONS FROM ALL VALID OBJECTS
1453  $rbacadmin->revokePermissionList($node_ids,$this->object->getId());
1454 
1455  // NOW SET ALL PERMISSIONS
1456  foreach ($valid_nodes as $node)
1457  {
1458  if (is_array($node["perms"]))
1459  {
1460  $rbacadmin->grantPermission($this->object->getId(),$node["perms"],$node["child"]);
1461  }
1462  }
1463  }
1464  }// END IF RECURSIVE
1465 
1466 
1467  }
1468 
1469 
1475  function adoptPermSaveObject()
1476  {
1477  global $rbacadmin, $rbacsystem, $rbacreview, $tree;
1478 
1479  if(!$_POST['adopt'])
1480  {
1481  ilUtil::sendFailure($this->lng->txt('select_one'));
1482  $this->permObject();
1483  return false;
1484  }
1485 
1486  $access = $this->checkAccess('visible,write','edit_permission');
1487  if (!$access)
1488  {
1489  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
1490  }
1491 
1492  if ($this->object->getId() == $_POST["adopt"])
1493  {
1494  ilUtil::sendFailure($this->lng->txt("msg_perm_adopted_from_itself"),true);
1495  }
1496  else
1497  {
1498  $rbacadmin->deleteRolePermission($this->object->getId(), $this->rolf_ref_id);
1499  $parentRoles = $rbacreview->getParentRoleIds($this->rolf_ref_id,true);
1500  $rbacadmin->copyRoleTemplatePermissions(
1501  $_POST["adopt"],
1502  $parentRoles[$_POST["adopt"]]["parent"],
1503  $this->rolf_ref_id,
1504  $this->object->getId(),
1505  false);
1506 
1507  // update object data entry (to update last modification date)
1508  $this->object->update();
1509 
1510  // send info
1511  $obj_data =& $this->ilias->obj_factory->getInstanceByObjId($_POST["adopt"]);
1512  ilUtil::sendSuccess($this->lng->txt("msg_perm_adopted_from1")." '".$obj_data->getTitle()."'.<br/>".
1513  $this->lng->txt("msg_perm_adopted_from2"),true);
1514  }
1515 
1516  $this->ctrl->redirect($this, "perm");
1517  }
1518 
1524  function assignSaveObject()
1525  {
1526  $this->assignUserObject();
1527  }
1528 
1536  function assignUserObject()
1537  {
1538  global $rbacsystem, $rbacadmin, $rbacreview;
1539 
1540  #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
1541  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1542  {
1543  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1544  }
1545 
1546  if (!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
1547  $this->rolf_ref_id != ROLE_FOLDER_ID)
1548  {
1549  $this->ilias->raiseError($this->lng->txt("err_role_not_assignable"),$this->ilias->error_obj->MESSAGE);
1550  }
1551 
1552  if(!isset($_POST["user"]))
1553  {
1554  ilUtil::sendFailure($this->lng->txt("no_checkbox"));
1555  $this->searchObject();
1556 
1557  return false;
1558  }
1559 
1560  $selected_users = $_POST["user"];
1561  $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
1562 
1563  // users to assign
1564  $assigned_users_new = array_diff($selected_users,array_intersect($selected_users,$assigned_users_all));
1565 
1566  // selected users all already assigned. stop
1567  if (count($assigned_users_new) == 0)
1568  {
1569  ilUtil::sendFailure($this->lng->txt("rbac_msg_user_already_assigned"));
1570  $this->searchObject();
1571 
1572  return false;
1573  }
1574 
1575  // assign new users
1576  foreach ($assigned_users_new as $user)
1577  {
1578  $rbacadmin->assignUser($this->object->getId(),$user,false);
1579  }
1580 
1581  // update object data entry (to update last modification date)
1582  $this->object->update();
1583 
1584  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"),true);
1585 
1586  $this->ctrl->redirect($this,'userassignment');
1587  }
1588 
1594  public function addUserObject($a_user_ids)
1595  {
1596  global $rbacreview,$rbacadmin;
1597 
1598  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1599  {
1600  ilUtil::sendFailure($this->lng->txt('msg_no_perm_assign_user_to_role'));
1601  return false;
1602  }
1603  if(!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
1604  $this->rolf_ref_id != ROLE_FOLDER_ID)
1605  {
1606  ilUtil::sendFailure($this->lng->txt('err_role_not_assignable'));
1607  return false;
1608  }
1609  if(!$a_user_ids)
1610  {
1611  ilUtil::sendFailure($this->lng->txt("no_checkbox"));
1612  return false;
1613  }
1614 
1615  $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
1616 
1617  // users to assign
1618  $assigned_users_new = array_diff($a_user_ids,array_intersect($a_user_ids,$assigned_users_all));
1619 
1620  // selected users all already assigned. stop
1621  if (count($assigned_users_new) == 0)
1622  {
1623  ilUtil::sendFailure($this->lng->txt("rbac_msg_user_already_assigned"));
1624  return false;
1625  }
1626 
1627  // assign new users
1628  foreach ($assigned_users_new as $user)
1629  {
1630  $rbacadmin->assignUser($this->object->getId(),$user,false);
1631  }
1632 
1633  // update object data entry (to update last modification date)
1634  $this->object->update();
1635 
1636  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"),true);
1637  $this->ctrl->redirect($this,'userassignment');
1638  }
1639 
1645  function deassignUserObject()
1646  {
1647  global $rbacsystem, $rbacadmin, $rbacreview;
1648 
1649  #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
1650  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1651  {
1652  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1653  }
1654 
1655  /*
1656  if (!$rbacsystem->checkAccess('write',$this->rolf_ref_id))
1657  {
1658  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
1659  }
1660  */
1661  $selected_users = ($_POST["user_id"]) ? $_POST["user_id"] : array($_GET["user_id"]);
1662 
1663  if ($selected_users[0]=== NULL)
1664  {
1665  $this->ilias->raiseError($this->lng->txt("no_checkbox"),$this->ilias->error_obj->MESSAGE);
1666  }
1667 
1668  // prevent unassignment of system user from system role
1669  if ($this->object->getId() == SYSTEM_ROLE_ID)
1670  {
1671  if ($admin = array_search(SYSTEM_USER_ID,$selected_users) !== false)
1672  unset($selected_users[$admin]);
1673  }
1674 
1675  // check for each user if the current role is his last global role before deassigning him
1676  $last_role = array();
1677  $global_roles = $rbacreview->getGlobalRoles();
1678 
1679  foreach ($selected_users as $user)
1680  {
1681  $assigned_roles = $rbacreview->assignedRoles($user);
1682  $assigned_global_roles = array_intersect($assigned_roles,$global_roles);
1683 
1684  if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(),$assigned_global_roles)))
1685  {
1686  $userObj = $this->ilias->obj_factory->getInstanceByObjId($user);
1687  $last_role[$user] = $userObj->getFullName();
1688  unset($userObj);
1689  }
1690  }
1691 
1692  // raise error if last role was taken from a user...
1693  if (count($last_role) > 0)
1694  {
1695  $user_list = implode(", ",$last_role);
1696  $this->ilias->raiseError($this->lng->txt("msg_is_last_role").": ".$user_list."<br/>".$this->lng->txt("msg_min_one_role")."<br/>".$this->lng->txt("action_aborted"),$this->ilias->error_obj->MESSAGE);
1697  }
1698 
1699  // ... else perform deassignment
1700  foreach ($selected_users as $user)
1701  {
1702  $rbacadmin->deassignUser($this->object->getId(),$user);
1703  }
1704 
1705  // update object data entry (to update last modification date)
1706  $this->object->update();
1707 
1708  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"),true);
1709 
1710  $this->ctrl->redirect($this,'userassignment');
1711  }
1712 
1718  function updateObject2()
1719  {
1720  global $rbacsystem, $rbacreview, $rbacadmin, $tree;
1721  require_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
1722  require_once 'classes/class.ilFormat.php';
1723 
1724  // for role administration check write of global role folder
1725  /*
1726  if ($this->rolf_ref_id == ROLE_FOLDER_ID)
1727  {
1728  $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
1729  }
1730  else // for local roles check 'edit permission' of parent object of the local role folder
1731  {
1732  $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
1733  }
1734  */
1735  $access = $this->checkAccess('write','edit_permission');
1736  if (!$access)
1737  {
1738  $this->ilias->raiseError($this->lng->txt("msg_no_perm_modify_role"),$this->ilias->error_obj->MESSAGE);
1739  }
1740 
1741  if (substr($this->object->getTitle(),0,3) != "il_")
1742  {
1743  // check required fields
1744  if (empty($_POST["Fobject"]["title"]))
1745  {
1746  $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"),$this->ilias->error_obj->MESSAGE);
1747  }
1748 
1749  // check if role title has il_ prefix
1750  if (substr($_POST["Fobject"]["title"],0,3) == "il_")
1751  {
1752  $this->ilias->raiseError($this->lng->txt("msg_role_reserved_prefix"),$this->ilias->error_obj->MESSAGE);
1753  }
1754  if (ilDiskQuotaActivationChecker::_isActive())
1755  {
1756  // check if disk quota is empty or is numeric and positive
1757  if (! is_numeric(trim($_POST["Fobject"]["disk_quota"])) ||
1758  trim($_POST["Fobject"]["disk_quota"]) < 0
1759  )
1760  {
1761  $this->ilias->raiseError($this->lng->txt("msg_disk_quota_illegal_value"),$this->ilias->error_obj->MESSAGE);
1762  }
1763  }
1764 
1765 
1766 
1767  // update
1768  $this->object->setTitle(ilUtil::stripSlashes($_POST["Fobject"]["title"]));
1769  $this->object->setDescription(ilUtil::stripSlashes($_POST["Fobject"]["desc"]));
1770  if (ilDiskQuotaActivationChecker::_isActive())
1771  {
1772  $this->object->setDiskQuota($_POST["Fobject"]["disk_quota"] * ilFormat::_getSizeMagnitude() * ilFormat::_getSizeMagnitude());
1773  }
1774  }
1775 
1776 
1777 
1778  // ensure that at least one role is available in the new user register form if registration is enabled
1779  if ($_POST["Fobject"]["allow_register"] == "")
1780  {
1781  $roles_allowed = $this->object->_lookupRegisterAllowed();
1782 
1783  if (count($roles_allowed) == 1 and $roles_allowed[0]['id'] == $this->object->getId())
1784  {
1785  $this->ilias->raiseError($this->lng->txt("msg_last_role_for_registration"),$this->ilias->error_obj->MESSAGE);
1786  }
1787  }
1788 
1789  $this->object->setAllowRegister($_POST["Fobject"]["allow_register"]);
1790  $this->object->toggleAssignUsersStatus($_POST["Fobject"]["assign_users"]);
1791  $rbacadmin->setProtected($this->rolf_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST["Fobject"]["protect_permissions"]));
1792  $this->object->update();
1793 
1794  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
1795 
1796  $this->ctrl->redirect($this,'edit');
1797  }
1798 
1799 
1803  function userassignmentObject()
1804  {
1805  global $rbacreview, $rbacsystem;
1806 
1807  //if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
1808  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1809  {
1810  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1811  }
1812 
1813  $this->tabs_gui->setTabActive('user_assignment');
1814 
1815  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.rbac_ua.html','Services/AccessControl');
1816 
1817  include_once './Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
1818  $tb = new ilToolbarGUI();
1819  $tb->setFormAction($this->ctrl->getFormAction($this));
1820  $tb->addButton(
1821  $this->lng->txt('role_add_user'),
1822  $this->ctrl->getLinkTargetByClass('ilRepositorySearchGUI','start')
1823  );
1824  $tb->addSpacer();
1825  $tb->addButton(
1826  $this->lng->txt('role_mailto'),
1827  $this->ctrl->getLinkTarget($this,'mailToRole')
1828  );
1829  $this->tpl->setVariable('BUTTONS_UA',$tb->getHTML());
1830 
1831  include_once './Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
1832  $ut = new ilAssignedUsersTableGUI($this,'userassignment',$this->object->getId());
1833 
1834  $this->tpl->setVariable('TABLE_UA',$ut->getHTML());
1835 
1836  return true;
1837 
1838  $assigned_users = $rbacreview->assignedUsers($this->object->getId(),array("login","firstname","lastname","usr_id"));
1839 
1840  //if current user is admin he is able to add new members to group
1841  $val_contact = $this->lng->txt("message");
1842  $val_change = $this->lng->txt("edit");
1843  $val_leave = $this->lng->txt("remove");
1844  $val_contact_desc = $this->lng->txt("role_user_send_mail");
1845  $val_change_desc = $this->lng->txt("role_user_edit");
1846  $val_leave_desc = $this->lng->txt("role_user_deassign");
1847  $counter = 0;
1848 
1849  foreach ($assigned_users as $user)
1850  {
1851  $link_contact = "ilias.php?baseClass=ilMailGUI&type=new&rcp_to=".urlencode($user["login"]);
1852 
1853  if ($_GET["admin_mode"] == "settings"
1854  && $_GET["ref_id"] != SYSTEM_FOLDER_ID)
1855  {
1856  $this->ctrl->setParameterByClass("ilobjusergui", "ref_id", 7);
1857  $this->ctrl->setParameterByClass("ilobjusergui", "obj_id", $user["usr_id"]);
1858  $link_change = $this->ctrl->getLinkTargetByClass(array("iladministrationgui", "ilobjusergui"), "view");
1859  $this->ctrl->setParameterByClass("ilobjusergui", "ref_id", $_GET["ref_id"]);
1860  }
1861 
1862  $this->ctrl->setParameter($this, "user_id", $user["usr_id"]);
1863  $link_leave = $this->ctrl->getLinkTarget($this,"deassignUser");
1864 
1865  $member_functions = "";
1866 
1867  // exclude root/admin role and anon/anon
1868  if ($this->object->getId() != ANONYMOUS_ROLE_ID or $user["usr_id"] != ANONYMOUS_USER_ID)
1869  {
1870  //build function
1871  $member_functions = "<a class=\"il_ContainerItemCommand\" href=\"".$link_contact."\" title=\"".$val_contact_desc."\">".$val_contact."</a>";
1872 
1873  if (strtolower($_GET["baseClass"]) == 'iladministrationgui' && $_GET["admin_mode"] == "settings")
1874  {
1875  $member_functions .= "&nbsp;<a class=\"il_ContainerItemCommand\" href=\"".$link_change."\" title=\"".$val_change_desc."\">".$val_change."</a>";
1876  }
1877 
1878  if ($this->object->getId() != SYSTEM_ROLE_ID or $user["usr_id"] != SYSTEM_USER_ID)
1879  {
1880  $member_functions .= "&nbsp;<a class=\"il_ContainerItemCommand\" href=\"".$link_leave."\" title=\"".$val_leave_desc."\">".$val_leave."</a>";
1881  }
1882  }
1883 
1884  // no check box for root/admin role and anon/anon
1885  if (($this->object->getId() == SYSTEM_ROLE_ID and $user["usr_id"] == SYSTEM_USER_ID)
1886  or ($this->object->getId() == ANONYMOUS_ROLE_ID and $user["usr_id"] == ANONYMOUS_USER_ID))
1887  {
1888  $result_set[$counter][] = "";
1889  }
1890  else
1891  {
1892  $result_set[$counter][] = ilUtil::formCheckBox(0,"user_id[]",$user["usr_id"]);
1893  }
1894 
1895  $user_ids[$counter] = $user["usr_id"];
1896 
1897  $result_set[$counter][] = $user["login"];
1898  $result_set[$counter][] = $user["firstname"];
1899  $result_set[$counter][] = $user["lastname"];
1900  $result_set[$counter][] = $member_functions;
1901 
1902  ++$counter;
1903 
1904  unset($member_functions);
1905  }
1906 
1907  return $this->__showAssignedUsersTable($result_set,$user_ids);
1908  }
1909 
1910  function __showAssignedUsersTable($a_result_set,$a_user_ids = NULL)
1911  {
1912  global $rbacsystem;
1913 
1914  $actions = array("deassignUser" => $this->lng->txt("remove"));
1915 
1916  $tbl =& $this->__initTableGUI();
1917  $tpl =& $tbl->getTemplateObject();
1918 
1919  $this->tpl->addBlockfile("BUTTONS", "buttons", "tpl.buttons.html");
1920 
1921  // display button add user
1922  $this->tpl->setCurrentBlock("btn_cell");
1923  $this->tpl->setVariable("BTN_LINK",$this->ctrl->getLinkTargetByClass('ilRepositorySearchGUI','start'));
1924  $this->tpl->setVariable("BTN_TXT",$this->lng->txt('role_add_user'));
1925  $this->tpl->parseCurrentBlock();
1926 
1927  $this->__showButton('mailToRole',$this->lng->txt('role_mailto'),'_blank');
1928 
1929  $tpl->setCurrentBlock("tbl_form_header");
1930  $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
1931  $tpl->parseCurrentBlock();
1932 
1933  $tpl->setCurrentBlock("tbl_action_row");
1934 
1935  $tpl->setVariable("COLUMN_COUNTS",5);
1936  $tpl->setVariable("IMG_ARROW", ilUtil::getImagePath("arrow_downright.gif"));
1937 
1938  foreach ($actions as $name => $value)
1939  {
1940  $tpl->setCurrentBlock("tbl_action_btn");
1941  $tpl->setVariable("BTN_NAME",$name);
1942  $tpl->setVariable("BTN_VALUE",$value);
1943  $tpl->parseCurrentBlock();
1944  }
1945 
1946  if (!empty($a_user_ids))
1947  {
1948  // set checkbox toggles
1949  $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
1950  $tpl->setVariable("JS_VARNAME","user_id");
1951  $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_user_ids));
1952  $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
1953  $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
1954  $tpl->parseCurrentBlock();
1955  }
1956 
1957  $tpl->setVariable("TPLPATH",$this->tpl->tplPath);
1958  $this->ctrl->setParameter($this,"cmd","userassignment");
1959 
1960  // title & header columns
1961  $tbl->setTitle($this->lng->txt("assigned_users"),"icon_usr.gif",$this->lng->txt("users"));
1962 
1963  //user must be administrator
1964  $tbl->setHeaderNames(array("",$this->lng->txt("username"),$this->lng->txt("firstname"),
1965  $this->lng->txt("lastname"),$this->lng->txt("grp_options")));
1966  $tbl->setHeaderVars(array("","login","firstname","lastname","functions"),
1967  $this->ctrl->getParameterArray($this,"",false));
1968  $tbl->setColumnWidth(array("","20%","25%","25%","30%"));
1969 
1970  $this->__setTableGUIBasicData($tbl,$a_result_set,"userassignment");
1971  $tbl->render();
1972  $this->tpl->setVariable("ADM_CONTENT",$tbl->tpl->get());
1973 
1974  return true;
1975  }
1976 
1977  function &__initTableGUI()
1978  {
1979  include_once "./Services/Table/classes/class.ilTableGUI.php";
1980 
1981  return new ilTableGUI(0,false);
1982  }
1983 
1984  function __setTableGUIBasicData(&$tbl,&$result_set,$from = "")
1985  {
1986  switch($from)
1987  {
1988  case "group":
1989  $order = $_GET["sort_by"] ? $_GET["sort_by"] : "title";
1990  break;
1991 
1992  case "role":
1993  $order = $_GET["sort_by"] ? $_GET["sort_by"] : "title";
1994  break;
1995 
1996  default:
1997  // init sort_by (unfortunatly sort_by is preset with 'title')
1998  if ($_GET["sort_by"] == "title" or empty($_GET["sort_by"]))
1999  {
2000  $_GET["sort_by"] = "login";
2001  }
2002  $order = $_GET["sort_by"];
2003  break;
2004  }
2005 
2006  $tbl->setOrderColumn($order);
2007  $tbl->setOrderDirection($_GET["sort_order"]);
2008  $tbl->setOffset($_GET["offset"]);
2009  $tbl->setLimit($_GET["limit"]);
2010  $tbl->setFooter("tblfooter",$this->lng->txt("previous"),$this->lng->txt("next"));
2011  $tbl->setData($result_set);
2012  }
2013 
2014  function searchUserFormObject()
2015  {
2016  global $rbacsystem;
2017 
2018  //if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
2019  if(!$this->checkAccess('edit_userassignment','edit_permission'))
2020  {
2021  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
2022  }
2023 
2024  $this->lng->loadLanguageModule('search');
2025 
2026  $this->tpl->addBlockFile("ADM_CONTENT","adm_content","tpl.role_users_search.html");
2027 
2028  $this->tpl->setVariable("F_ACTION",$this->ctrl->getFormAction($this));
2029  $this->tpl->setVariable("SEARCH_ASSIGN_USR",$this->lng->txt("role_search_users"));
2030  $this->tpl->setVariable("SEARCH_SEARCH_TERM",$this->lng->txt("search_search_term"));
2031  $this->tpl->setVariable("SEARCH_VALUE",$_SESSION["role_search_str"] ? $_SESSION["role_search_str"] : "");
2032  $this->tpl->setVariable("SEARCH_FOR",$this->lng->txt("exc_search_for"));
2033  $this->tpl->setVariable("SEARCH_ROW_TXT_USER",$this->lng->txt("exc_users"));
2034  $this->tpl->setVariable("SEARCH_ROW_TXT_ROLE",$this->lng->txt("exc_roles"));
2035  $this->tpl->setVariable("SEARCH_ROW_TXT_GROUP",$this->lng->txt("exc_groups"));
2036  $this->tpl->setVariable("BTN2_VALUE",$this->lng->txt("cancel"));
2037  $this->tpl->setVariable("BTN1_VALUE",$this->lng->txt("search"));
2038 
2039  $usr = ($_POST["search_for"] == "usr" || $_POST["search_for"] == "") ? 1 : 0;
2040  $grp = ($_POST["search_for"] == "grp") ? 1 : 0;
2041  $role = ($_POST["search_for"] == "role") ? 1 : 0;
2042 
2043  $this->tpl->setVariable("SEARCH_ROW_CHECK_USER",ilUtil::formRadioButton($usr,"search_for","usr"));
2044  $this->tpl->setVariable("SEARCH_ROW_CHECK_ROLE",ilUtil::formRadioButton($role,"search_for","role"));
2045  $this->tpl->setVariable("SEARCH_ROW_CHECK_GROUP",ilUtil::formRadioButton($grp,"search_for","grp"));
2046 
2047  $this->__unsetSessionVariables();
2048  }
2049 
2050  function __unsetSessionVariables()
2051  {
2052  unset($_SESSION["role_delete_member_ids"]);
2053  unset($_SESSION["role_delete_subscriber_ids"]);
2054  unset($_SESSION["role_search_str"]);
2055  unset($_SESSION["role_search_for"]);
2056  unset($_SESSION["role_role"]);
2057  unset($_SESSION["role_group"]);
2058  unset($_SESSION["role_archives"]);
2059  }
2060 
2065  function cancelObject()
2066  {
2067  if ($_GET["new_type"] != "role")
2068  {
2069  $this->ctrl->redirect($this, "userassignment");
2070  }
2071  else
2072  {
2073  $this->ctrl->redirectByClass("ilobjrolefoldergui","view");
2074  }
2075  }
2076 
2077  function searchObject()
2078  {
2079  global $rbacsystem, $tree;
2080 
2081  #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
2082  if(!$this->checkAccess('edit_userassignment','edit_permission'))
2083  {
2084  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
2085  }
2086 
2087  $_SESSION["role_search_str"] = $_POST["search_str"] = $_POST["search_str"] ? $_POST["search_str"] : $_SESSION["role_search_str"];
2088  $_SESSION["role_search_for"] = $_POST["search_for"] = $_POST["search_for"] ? $_POST["search_for"] : $_SESSION["role_search_for"];
2089 
2090  if (!isset($_POST["search_for"]) or !isset($_POST["search_str"]))
2091  {
2092  ilUtil::sendFailure($this->lng->txt("role_search_enter_search_string"));
2093  $this->searchUserFormObject();
2094 
2095  return false;
2096  }
2097 
2098  if (!count($result = $this->__search(ilUtil::stripSlashes($_POST["search_str"]),$_POST["search_for"])))
2099  {
2100  ilUtil::sendInfo($this->lng->txt("role_no_results_found"));
2101  $this->searchUserFormObject();
2102 
2103  return false;
2104  }
2105 
2106  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
2107  $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
2108 
2109  $counter = 0;
2110  $f_result = array();
2111 
2112  switch($_POST["search_for"])
2113  {
2114  case "usr":
2115  foreach($result as $user)
2116  {
2117  if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user["id"],false))
2118  {
2119  continue;
2120  }
2121 
2122  $user_ids[$counter] = $user["id"];
2123 
2124  $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user["id"]);
2125  $f_result[$counter][] = $tmp_obj->getLogin();
2126  $f_result[$counter][] = $tmp_obj->getFirstname();
2127  $f_result[$counter][] = $tmp_obj->getLastname();
2128 
2129  unset($tmp_obj);
2130  ++$counter;
2131  }
2132  $this->__showSearchUserTable($f_result,$user_ids);
2133 
2134  return true;
2135 
2136  case "role":
2137  foreach($result as $role)
2138  {
2139  // exclude anonymous role
2140  if ($role["id"] == ANONYMOUS_ROLE_ID)
2141  {
2142  continue;
2143  }
2144 
2145  if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($role["id"],false))
2146  {
2147  continue;
2148  }
2149 
2150  // exclude roles with no users assigned to
2151  if ($tmp_obj->getCountMembers() == 0)
2152  {
2153  continue;
2154  }
2155 
2156  $role_ids[$counter] = $role["id"];
2157 
2158  $f_result[$counter][] = ilUtil::formCheckbox(0,"role[]",$role["id"]);
2159  $f_result[$counter][] = array($tmp_obj->getTitle(),$tmp_obj->getDescription());
2160  $f_result[$counter][] = $tmp_obj->getCountMembers();
2161 
2162  unset($tmp_obj);
2163  ++$counter;
2164  }
2165 
2166  $this->__showSearchRoleTable($f_result,$role_ids);
2167 
2168  return true;
2169 
2170  case "grp":
2171  foreach($result as $group)
2172  {
2173  if(!$tree->isInTree($group["id"]))
2174  {
2175  continue;
2176  }
2177 
2178  if(!$tmp_obj = ilObjectFactory::getInstanceByRefId($group["id"],false))
2179  {
2180  continue;
2181  }
2182 
2183  // exclude myself :-)
2184  if ($tmp_obj->getId() == $this->object->getId())
2185  {
2186  continue;
2187  }
2188 
2189  $grp_ids[$counter] = $group["id"];
2190 
2191  $f_result[$counter][] = ilUtil::formCheckbox(0,"group[]",$group["id"]);
2192  $f_result[$counter][] = array($tmp_obj->getTitle(),$tmp_obj->getDescription());
2193  $f_result[$counter][] = $tmp_obj->getCountMembers();
2194 
2195  unset($tmp_obj);
2196  ++$counter;
2197  }
2198  $this->__showSearchGroupTable($f_result,$grp_ids);
2199 
2200  return true;
2201  }
2202  }
2203 
2204  function __search($a_search_string,$a_search_for)
2205  {
2206  include_once("./classes/class.ilSearch.php");
2207 
2208  $this->lng->loadLanguageModule("content");
2209  $search =& new ilSearch($_SESSION["AccountId"]);
2210  $search->setPerformUpdate(false);
2211  $search->setSearchString(ilUtil::stripSlashes($a_search_string));
2212  $search->setCombination("and");
2213  $search->setSearchFor(array(0 => $a_search_for));
2214  $search->setSearchType('new');
2215 
2216  if ($search->validate($message))
2217  {
2218  $search->performSearch();
2219  }
2220  else
2221  {
2222  ilUtil::sendInfo($message,true);
2223  $this->ctrl->redirect($this,"searchUserForm");
2224  }
2225 
2226  return $search->getResultByType($a_search_for);
2227  }
2228 
2229  function __showSearchUserTable($a_result_set,$a_user_ids = NULL,$a_cmd = "search")
2230  {
2231  $return_to = "searchUserForm";
2232 
2233  if ($a_cmd == "listUsersRole" or $a_cmd == "listUsersGroup")
2234  {
2235  $return_to = "search";
2236  }
2237 
2238  $tbl =& $this->__initTableGUI();
2239  $tpl =& $tbl->getTemplateObject();
2240 
2241  // SET FORMACTION
2242  $tpl->setCurrentBlock("tbl_form_header");
2243  $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
2244  $tpl->parseCurrentBlock();
2245 
2246  $tpl->setCurrentBlock("tbl_action_btn");
2247  $tpl->setVariable("BTN_NAME",$return_to);
2248  $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
2249  $tpl->parseCurrentBlock();
2250 
2251  $tpl->setCurrentBlock("tbl_action_btn");
2252  $tpl->setVariable("BTN_NAME","assignUser");
2253  $tpl->setVariable("BTN_VALUE",$this->lng->txt("add"));
2254  $tpl->parseCurrentBlock();
2255 
2256  if (!empty($a_user_ids))
2257  {
2258  // set checkbox toggles
2259  $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
2260  $tpl->setVariable("JS_VARNAME","user");
2261  $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_user_ids));
2262  $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
2263  $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
2264  $tpl->parseCurrentBlock();
2265  }
2266 
2267  $tpl->setCurrentBlock("tbl_action_row");
2268  $tpl->setVariable("COLUMN_COUNTS",4);
2269  $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
2270  $tpl->parseCurrentBlock();
2271 
2272  $tbl->setTitle($this->lng->txt("role_header_edit_users"),"icon_usr.gif",$this->lng->txt("role_header_edit_users"));
2273  $tbl->setHeaderNames(array("",
2274  $this->lng->txt("username"),
2275  $this->lng->txt("firstname"),
2276  $this->lng->txt("lastname")));
2277  $tbl->setHeaderVars(array("",
2278  "login",
2279  "firstname",
2280  "lastname"),
2281  $this->ctrl->getParameterArray($this,$a_cmd,false));
2282  //array("ref_id" => $this->rolf_ref_id,
2283  // "obj_id" => $this->object->getId(),
2284  // "cmd" => $a_cmd,
2285  //"cmdClass" => "ilobjrolegui",
2286  // "cmdNode" => $_GET["cmdNode"]));
2287 
2288  $tbl->setColumnWidth(array("","33%","33%","33%"));
2289 
2290  $this->__setTableGUIBasicData($tbl,$a_result_set);
2291  $tbl->render();
2292 
2293  $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
2294 
2295  return true;
2296  }
2297 
2298  function __showSearchRoleTable($a_result_set,$a_role_ids = NULL)
2299  {
2300  $tbl =& $this->__initTableGUI();
2301  $tpl =& $tbl->getTemplateObject();
2302 
2303  $tpl->setCurrentBlock("tbl_form_header");
2304  $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
2305  $tpl->parseCurrentBlock();
2306 
2307  $tpl->setCurrentBlock("tbl_action_btn");
2308  $tpl->setVariable("BTN_NAME","searchUserForm");
2309  $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
2310  $tpl->parseCurrentBlock();
2311 
2312  $tpl->setCurrentBlock("tbl_action_btn");
2313  $tpl->setVariable("BTN_NAME","listUsersRole");
2314  $tpl->setVariable("BTN_VALUE",$this->lng->txt("role_list_users"));
2315  $tpl->parseCurrentBlock();
2316 
2317  if (!empty($a_role_ids))
2318  {
2319  // set checkbox toggles
2320  $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
2321  $tpl->setVariable("JS_VARNAME","role");
2322  $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_role_ids));
2323  $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
2324  $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
2325  $tpl->parseCurrentBlock();
2326  }
2327 
2328  $tpl->setCurrentBlock("tbl_action_row");
2329  $tpl->setVariable("COLUMN_COUNTS",4);
2330  $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
2331  $tpl->parseCurrentBlock();
2332 
2333  $tbl->setTitle($this->lng->txt("role_header_edit_users"),"icon_usr.gif",$this->lng->txt("role_header_edit_users"));
2334  $tbl->setHeaderNames(array("",
2335  $this->lng->txt("obj_role"),
2336  $this->lng->txt("role_count_users")));
2337  $tbl->setHeaderVars(array("",
2338  "title",
2339  "nr_members"),
2340  $this->ctrl->getParameterArray($this,"search",false));
2341  //array("ref_id" => $this->rolf_ref_id,
2342  //"obj_id" => $this->object->getId(),
2343  //"cmd" => "search",
2344  //"cmdClass" => "ilobjrolegui",
2345  //"cmdNode" => $_GET["cmdNode"]));
2346 
2347  $tbl->setColumnWidth(array("","80%","19%"));
2348 
2349 
2350  $this->__setTableGUIBasicData($tbl,$a_result_set,"role");
2351  $tbl->render();
2352 
2353  $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
2354 
2355  return true;
2356  }
2357 
2358  function __showSearchGroupTable($a_result_set,$a_grp_ids = NULL)
2359  {
2360  $tbl =& $this->__initTableGUI();
2361  $tpl =& $tbl->getTemplateObject();
2362 
2363  $tpl->setCurrentBlock("tbl_form_header");
2364  $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
2365  $tpl->parseCurrentBlock();
2366 
2367  $tpl->setCurrentBlock("tbl_action_btn");
2368  $tpl->setVariable("BTN_NAME","searchUserForm");
2369  $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
2370  $tpl->parseCurrentBlock();
2371 
2372  $tpl->setCurrentBlock("tbl_action_btn");
2373  $tpl->setVariable("BTN_NAME","listUsersGroup");
2374  $tpl->setVariable("BTN_VALUE",$this->lng->txt("grp_list_users"));
2375  $tpl->parseCurrentBlock();
2376 
2377  if (!empty($a_grp_ids))
2378  {
2379  // set checkbox toggles
2380  $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
2381  $tpl->setVariable("JS_VARNAME","group");
2382  $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_grp_ids));
2383  $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
2384  $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
2385  $tpl->parseCurrentBlock();
2386  }
2387 
2388  $tpl->setCurrentBlock("tbl_action_row");
2389  $tpl->setVariable("COLUMN_COUNTS",4);
2390  $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
2391  $tpl->parseCurrentBlock();
2392 
2393  $tbl->setTitle($this->lng->txt("grp_header_edit_members"),"icon_usr.gif",$this->lng->txt("grp_header_edit_members"));
2394  $tbl->setHeaderNames(array("",
2395  $this->lng->txt("obj_grp"),
2396  $this->lng->txt("grp_count_members")));
2397  $tbl->setHeaderVars(array("",
2398  "title",
2399  "nr_members"),
2400  array("ref_id" => $this->rolf_ref_id,
2401  "obj_id" => $this->object->getId(),
2402  "cmd" => "search",
2403  "cmdClass" => "ilobjrolegui",
2404  "cmdNode" => $_GET["cmdNode"]));
2405 
2406  $tbl->setColumnWidth(array("","80%","19%"));
2407 
2408 
2409  $this->__setTableGUIBasicData($tbl,$a_result_set,"group");
2410  $tbl->render();
2411 
2412  $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
2413 
2414  return true;
2415  }
2416 
2417  function listUsersRoleObject()
2418  {
2419  global $rbacsystem,$rbacreview;
2420 
2421  $_SESSION["role_role"] = $_POST["role"] = $_POST["role"] ? $_POST["role"] : $_SESSION["role_role"];
2422 
2423  if (!is_array($_POST["role"]))
2424  {
2425  ilUtil::sendFailure($this->lng->txt("role_no_roles_selected"));
2426  $this->searchObject();
2427 
2428  return false;
2429  }
2430 
2431  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
2432  $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
2433 
2434  // GET ALL MEMBERS
2435  $members = array();
2436 
2437  foreach ($_POST["role"] as $role_id)
2438  {
2439  $members = array_merge($rbacreview->assignedUsers($role_id),$members);
2440  }
2441 
2442  $members = array_unique($members);
2443 
2444  // FORMAT USER DATA
2445  $counter = 0;
2446  $f_result = array();
2447 
2448  foreach($members as $user)
2449  {
2450  if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
2451  {
2452  continue;
2453  }
2454 
2455  $user_ids[$counter] = $user;
2456 
2457  // TODO: exclude anonymous user
2458  $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
2459  $f_result[$counter][] = $tmp_obj->getLogin();
2460  $f_result[$counter][] = $tmp_obj->getFirstname();
2461  $f_result[$counter][] = $tmp_obj->getLastname();
2462 
2463  unset($tmp_obj);
2464  ++$counter;
2465  }
2466 
2467  $this->__showSearchUserTable($f_result,$user_ids,"listUsersRole");
2468 
2469  return true;
2470  }
2471 
2472  function listUsersGroupObject()
2473  {
2474  global $rbacsystem,$rbacreview,$tree;
2475 
2476  $_SESSION["role_group"] = $_POST["group"] = $_POST["group"] ? $_POST["group"] : $_SESSION["role_group"];
2477 
2478  if (!is_array($_POST["group"]))
2479  {
2480  ilUtil::sendFailure($this->lng->txt("role_no_groups_selected"));
2481  $this->searchObject();
2482 
2483  return false;
2484  }
2485 
2486  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
2487  $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
2488 
2489  // GET ALL MEMBERS
2490  $members = array();
2491 
2492  foreach ($_POST["group"] as $group_id)
2493  {
2494  if (!$tree->isInTree($group_id))
2495  {
2496  continue;
2497  }
2498  if (!$tmp_obj = ilObjectFactory::getInstanceByRefId($group_id))
2499  {
2500  continue;
2501  }
2502 
2503  $members = array_merge($tmp_obj->getGroupMemberIds(),$members);
2504 
2505  unset($tmp_obj);
2506  }
2507 
2508  $members = array_unique($members);
2509 
2510  // FORMAT USER DATA
2511  $counter = 0;
2512  $f_result = array();
2513 
2514  foreach($members as $user)
2515  {
2516  if (!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
2517  {
2518  continue;
2519  }
2520 
2521  $user_ids[$counter] = $user;
2522 
2523  $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
2524  $f_result[$counter][] = $tmp_obj->getLogin();
2525  $f_result[$counter][] = $tmp_obj->getFirstname();
2526  $f_result[$counter][] = $tmp_obj->getLastname();
2527 
2528  unset($tmp_obj);
2529  ++$counter;
2530  }
2531 
2532  $this->__showSearchUserTable($f_result,$user_ids,"listUsersGroup");
2533 
2534  return true;
2535  }
2536 
2537 
2538  function __formatPath($a_path_arr)
2539  {
2540  $counter = 0;
2541 
2542  foreach ($a_path_arr as $data)
2543  {
2544  if ($counter++)
2545  {
2546  $path .= " -> ";
2547  }
2548 
2549  $path .= $data['title'];
2550  }
2551 
2552  if (strlen($path) > 50)
2553  {
2554  return '...'.substr($path,-50);
2555  }
2556 
2557  return $path;
2558  }
2559 
2560  function __prepareOutput()
2561  {
2562  // output objects
2563  //$this->tpl->addBlockFile("CONTENT", "content", "tpl.role.html");
2564  $this->tpl->addBlockFile("CONTENT", "content", "tpl.adm_content.html");
2565  $this->tpl->addBlockFile("STATUSLINE", "statusline", "tpl.statusline.html");
2566 
2567  // output locator
2568  //$this->__setLocator();
2569 
2570  // output message
2571  if ($this->message)
2572  {
2573  ilUtil::sendInfo($this->message);
2574  }
2575 
2576  // display infopanel if something happened
2577  ilUtil::infoPanel();
2578 
2579  // set header
2580  $this->__setHeader();
2581  }
2582 
2583  function __setHeader()
2584  {
2585  include_once './classes/class.ilTabsGUI.php';
2586 
2587  $this->tpl->setTitle($this->lng->txt('role'));
2588  $this->tpl->setDescription($this->object->getTitle());
2589  $this->tpl->setTitleIcon(ilUtil::getImagePath("icon_role.gif"));
2590 
2591  #$tabs_gui =& new ilTabsGUI();
2592  $this->getTabs($this->tabs_gui);
2593 
2594  // output tabs
2595  #$this->tpl->setVariable("TABS", $tabs_gui->getHTML());
2596  }
2597 
2598  function __setLocator()
2599  {
2600  global $tree, $ilias_locator;
2601 
2602  return;
2603 
2604  $this->tpl->addBlockFile("LOCATOR", "locator", "tpl.locator.html", "Services/Locator");
2605 
2606  $counter = 0;
2607 
2608  foreach ($tree->getPathFull($this->rolf_ref_id) as $key => $row)
2609  {
2610  if ($counter++)
2611  {
2612  $this->tpl->touchBlock('locator_separator_prefix');
2613  }
2614 
2615  $this->tpl->setCurrentBlock("locator_item");
2616 
2617  if ($row["type"] == 'rolf')
2618  {
2619  $this->tpl->setVariable("ITEM",$this->object->getTitle());
2620  $this->tpl->setVariable("LINK_ITEM",$this->ctrl->getLinkTarget($this));
2621  }
2622  elseif ($row["child"] != $tree->getRootId())
2623  {
2624  $this->tpl->setVariable("ITEM", $row["title"]);
2625  $this->tpl->setVariable("LINK_ITEM","repository.php?ref_id=".$row["child"]);
2626  }
2627  else
2628  {
2629  $this->tpl->setVariable("ITEM", $this->lng->txt("repository"));
2630  $this->tpl->setVariable("LINK_ITEM","repository.php?ref_id=".$row["child"]);
2631  }
2632 
2633  $this->tpl->parseCurrentBlock();
2634  }
2635 
2636  $this->tpl->setVariable("TXT_LOCATOR",$this->lng->txt("locator"));
2637  $this->tpl->parseCurrentBlock();
2638  }
2639 
2644  function addAdminLocatorItems()
2645  {
2646  global $ilLocator;
2647 
2648  if ($_GET["admin_mode"] == "settings"
2649  && $_GET["ref_id"] == ROLE_FOLDER_ID) // system settings
2650  {
2651  $ilLocator->addItem($this->lng->txt("administration"),
2652  $this->ctrl->getLinkTargetByClass("iladministrationgui", "frameset"),
2653  ilFrameTargetInfo::_getFrame("MainContent"));
2654 
2655  $ilLocator->addItem($this->lng->txt("obj_".ilObject::_lookupType(
2656  ilObject::_lookupObjId($_GET["ref_id"]))),
2657  $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
2658 
2659  if ($_GET["obj_id"] > 0)
2660  {
2661  $ilLocator->addItem($this->object->getTitle(),
2662  $this->ctrl->getLinkTarget($this, "view"));
2663  }
2664  }
2665  else // repository administration
2666  {
2667  // ?
2668  }
2669  }
2670 
2671  function showUpperIcon()
2672  {
2673  global $tree, $tpl, $objDefinition;
2674 
2675  return parent::showUpperIcon();
2676 
2677  if (strtolower($_GET["baseClass"]) == "iladministrationgui")
2678  {
2679  if ($_GET["admin_mode"] == "settings"
2680  && $_GET["ref_id"] != SYSTEM_FOLDER_ID)
2681  {
2682  $tpl->setUpperIcon(
2683  $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
2684  }
2685  }
2686  else
2687  {
2688  if ($this->object->getRefId() != ROOT_FOLDER_ID &&
2689  $this->object->getRefId() != SYSTEM_FOLDER_ID)
2690  {
2691  $par_id = $tree->getParentId($this->object->getRefId());
2692  $tpl->setUpperIcon("repository.php?ref_id=".$par_id);
2693  }
2694  }
2695  }
2696 
2697 
2698 
2699  function getTabs(&$tabs_gui)
2700  {
2701  global $rbacsystem,$rbacreview;
2702 
2703  $base_role_folder = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
2704 
2705 //var_dump($base_role_folder);
2706 //echo "-".$this->rolf_ref_id."-";
2707 
2708  $activate_role_edit = false;
2709 
2710  // todo: activate the following (allow editing of local roles in
2711  // roles administration)
2712  //if (in_array($this->rolf_ref_id,$base_role_folder))
2713  if (in_array($this->rolf_ref_id,$base_role_folder) ||
2714  (strtolower($_GET["baseClass"]) == "iladministrationgui" &&
2715  $_GET["admin_mode"] == "settings"))
2716  {
2717  $activate_role_edit = true;
2718  }
2719 
2720  // not so nice (workaround for using tabs in repository)
2721  $tabs_gui->clearTargets();
2722 
2723  if ($this->back_target != "")
2724  {
2725  $tabs_gui->setBackTarget(
2726  $this->back_target["text"],$this->back_target["link"]);
2727  }
2728 
2729  if($this->checkAccess('write','edit_permission') && $activate_role_edit)
2730  {
2731  $tabs_gui->addTarget("edit_properties",
2732  $this->ctrl->getLinkTarget($this, "edit"), array("edit","update"), get_class($this));
2733  }
2734 
2735  if($this->checkAccess('write','edit_permission') and $this->showDefaultPermissionSettings())
2736  {
2737  $force_active = ($_GET["cmd"] == "perm" || $_GET["cmd"] == "")
2738  ? true
2739  : false;
2740  $tabs_gui->addTarget("default_perm_settings",
2741  $this->ctrl->getLinkTarget($this, "perm"), array("perm", "adoptPermSave", "permSave"),
2742  get_class($this),
2743  "", $force_active);
2744  }
2745 
2746  if($this->checkAccess('write','edit_permission') && $activate_role_edit)
2747  {
2748  $tabs_gui->addTarget("user_assignment",
2749  $this->ctrl->getLinkTarget($this, "userassignment"),
2750  array("deassignUser", "userassignment", "assignUser", "searchUserForm", "search"),
2751  get_class($this));
2752  }
2753 
2754  if($this->checkAccess('write','edit_permission') && $activate_role_edit)
2755  {
2756  $tabs_gui->addTarget("desktop_items",
2757  $this->ctrl->getLinkTarget($this, "listDesktopItems"),
2758  array("listDesktopItems", "deleteDesktopItems", "selectDesktopItem", "askDeleteDesktopItem"),
2759  get_class($this));
2760  }
2761  }
2762 
2763  function mailToRoleObject()
2764  {
2765  global $rbacreview;
2766 
2767  $obj_ids = ilObject::_getIdsForTitle($this->object->getTitle(), $this->object->getType());
2768  if(count($obj_ids) > 1)
2769  {
2770  $_SESSION['mail_roles'][] = '#il_role_'.$this->object->getId();
2771  }
2772  else
2773  {
2774  $_SESSION['mail_roles'][] = $rbacreview->getRoleMailboxAddress($this->object->getId());
2775  }
2776  $script = 'ilias.php?baseClass=ilMailGUI&type=role';
2777  ilUtil::redirect($script);
2778  }
2779 
2780  function checkAccess($a_perm_global,$a_perm_obj = '')
2781  {
2782  global $rbacsystem,$ilAccess;
2783 
2784  $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
2785 
2786  if($this->rolf_ref_id == ROLE_FOLDER_ID)
2787  {
2788  return $rbacsystem->checkAccess($a_perm_global,$this->rolf_ref_id);
2789  }
2790  else
2791  {
2792  return $ilAccess->checkAccess($a_perm_obj,'',$this->obj_ref_id);
2793  }
2794  }
2795 
2800  protected function isChangeExistingObjectsConfirmationRequired()
2801  {
2802  global $rbacreview;
2803 
2804  if(!(int) $_POST['recursive'] and !is_array($_POST['recursive_list']))
2805  {
2806  return false;
2807  }
2808 
2809  // Role is protected
2810  if($rbacreview->isProtected($this->rolf_ref_id, $this->object->getId()))
2811  {
2812  // TODO: check if recursive_list is enabled
2813  // and if yes: check if inheritance is broken for the relevant object types
2814  return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
2815  }
2816  else
2817  {
2818  // TODO: check if recursive_list is enabled
2819  // and if yes: check if inheritance is broken for the relevant object types
2820  return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
2821  }
2822  }
2823 
2828  protected function showChangeExistingObjectsConfirmation()
2829  {
2830  $protected = $_POST['protected'];
2831 
2832  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
2833  $form = new ilPropertyFormGUI();
2834  $form->setFormAction($this->ctrl->getFormAction($this,'changeExistingObjects'));
2835  $form->setTitle($this->lng->txt('rbac_change_existing_confirm_tbl'));
2836 
2837  $form->addCommandButton('changeExistingObjects', $this->lng->txt('change_existing_objects'));
2838  $form->addCommandButton('perm',$this->lng->txt('cancel'));
2839 
2840  $hidden = new ilHiddenInputGUI('type_filter');
2841  $hidden->setValue(
2842  $_POST['recursive'] ?
2843  serialize(array('all')) :
2844  serialize($_POST['recursive_list'])
2845  );
2846  $form->addItem($hidden);
2847 
2848  $rad = new ilRadioGroupInputGUI($this->lng->txt('rbac_local_policies'),'mode');
2849 
2850  if($protected)
2851  {
2852  $rad->setValue(ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES);
2853  $keep = new ilRadioOption(
2854  $this->lng->txt('rbac_keep_local_policies'),
2855  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
2856  $this->lng->txt('rbac_keep_local_policies_info')
2857  );
2858  }
2859  else
2860  {
2861  $rad->setValue(ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES);
2862  $keep = new ilRadioOption(
2863  $this->lng->txt('rbac_keep_local_policies'),
2864  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
2865  $this->lng->txt('rbac_unprotected_keep_local_policies_info')
2866  );
2867 
2868  }
2869  $rad->addOption($keep);
2870 
2871  if($protected)
2872  {
2873  $del = new ilRadioOption(
2874  $this->lng->txt('rbac_delete_local_policies'),
2875  ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES,
2876  $this->lng->txt('rbac_delete_local_policies_info')
2877  );
2878  }
2879  else
2880  {
2881  $del = new ilRadioOption(
2882  $this->lng->txt('rbac_delete_local_policies'),
2883  ilObjRole::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES,
2884  $this->lng->txt('rbac_unprotected_delete_local_policies_info')
2885  );
2886  }
2887  $rad->addOption($del);
2888 
2889  $form->addItem($rad);
2890  $this->tpl->setContent($form->getHTML());
2891  }
2892 
2897  protected function changeExistingObjectsObject()
2898  {
2899  global $tree,$rbacreview,$rbacadmin;
2900 
2901  $mode = (int) $_POST['mode'];
2902  $start = ($this->rolf_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $tree->getParentId($this->rolf_ref_id));
2903  $this->object->changeExistingObjects($start,$mode,unserialize(ilUtil::stripSlashes($_POST['type_filter'])));
2904 
2905  ilUtil::sendSuccess($this->lng->txt('settings_saved'),true);
2906  $this->ctrl->redirect($this,'perm');
2907  }
2908 
2909 
2910 } // END class.ilObjRoleGUI
2911 ?>