ILIAS  Release_4_1_x_branch Revision 61804
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilObjRoleGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 include_once "./classes/class.ilObjectGUI.php";
5 include_once './Services/AccessControl/classes/class.ilObjRole.php';
6 
19 class ilObjRoleGUI extends ilObjectGUI
20 {
21  const MODE_GLOBAL_UPDATE = 1;
22  const MODE_GLOBAL_CREATE = 2;
23  const MODE_LOCAL_UPDATE = 3;
24  const MODE_LOCAL_CREATE = 4;
25 
31  var $type;
32 
38  var $rolf_ref_id;
39 
40  protected $obj_ref_id = 0;
41  protected $obj_obj_id = 0;
42  protected $obj_obj_type = '';
43  protected $container_type = '';
44 
45 
46  var $ctrl;
47 
52  function __construct($a_data,$a_id,$a_call_by_reference = false,$a_prepare_output = true)
53  {
54  global $tree,$lng;
55 
56  $lng->loadLanguageModule('rbac');
57 
58  //TODO: move this to class.ilias.php
59  define("USER_FOLDER_ID",7);
60 
61  if($_GET['rolf_ref_id'] != '')
62  {
63  $this->rolf_ref_id = $_GET['rolf_ref_id'];
64  }
65  else
66  {
67  $this->rolf_ref_id = $_GET['ref_id'];
68  }
69  // Add ref_id of object that contains this role folder
70  $this->obj_ref_id = $tree->getParentId($this->rolf_ref_id);
71  $this->obj_obj_id = ilObject::_lookupObjId($this->getParentRefId());
72  $this->obj_obj_type = ilObject::_lookupType($this->getParentObjId());
73 
74  $this->container_type = ilObject::_lookupType(ilObject::_lookupObjId($this->obj_ref_id));
75 
76  $this->type = "role";
77  $this->ilObjectGUI($a_data,$a_id,$a_call_by_reference,false);
78  $this->ctrl->saveParameter($this, array("obj_id", "rolf_ref_id"));
79  }
80 
81 
82  function &executeCommand()
83  {
84  global $rbacsystem;
85 
86  $this->prepareOutput();
87 
88  $next_class = $this->ctrl->getNextClass($this);
89  $cmd = $this->ctrl->getCmd();
90 
91  switch($next_class)
92  {
93  case 'ilrepositorysearchgui':
94  include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
95  $rep_search =& new ilRepositorySearchGUI();
96  $rep_search->setCallback($this,'addUserObject');
97 
98  // Set tabs
99  $this->tabs_gui->setTabActive('user_assignment');
100  $this->ctrl->setReturn($this,'userassignment');
101  $ret =& $this->ctrl->forwardCommand($rep_search);
102  break;
103 
104  default:
105  if(!$cmd)
106  {
107  if($this->showDefaultPermissionSettings())
108  {
109  $cmd = "perm";
110  }
111  else
112  {
113  $cmd = 'userassignment';
114  }
115  }
116  $cmd .= "Object";
117  $this->$cmd();
118 
119  break;
120  }
121 
122  return true;
123  }
124 
129  public function getParentRefId()
130  {
131  return $this->obj_ref_id;
132  }
133 
138  public function getParentObjId()
139  {
140  return $this->obj_obj_id;
141  }
142 
147  public function getParentType()
148  {
149  return $this->obj_obj_type;
150  }
151 
155  function setBackTarget($a_text, $a_link)
156  {
157  $this->back_target = array("text" => $a_text,
158  "link" => $a_link);
159  }
160 
161  public function getBackTarget()
162  {
163  return $this->back_target ? $this->back_target : array();
164  }
165 
169  function getAdminTabs(&$tabs_gui)
170  {
171  $this->getTabs($tabs_gui);
172  }
173 
178  protected function getContainerType()
179  {
180  return $this->container_type;
181  }
182 
187  protected function showDefaultPermissionSettings()
188  {
189  global $objDefinition;
190 
191  return $objDefinition->isContainer($this->getContainerType());
192  }
193 
194 
195  function listDesktopItemsObject()
196  {
197  global $rbacsystem,$rbacreview,$tree;
198 
199 
200  #if(!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
201  /*
202  if(!$this->checkAccess('edit_permission'))
203  {
204  ilUtil::sendFailure()
205  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
206  }
207  */
208  if(!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
209  $this->rolf_ref_id != ROLE_FOLDER_ID)
210  {
211  ilUtil::sendInfo($this->lng->txt('role_no_users_no_desk_items'));
212  return true;
213  }
214 
215 
216  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
217  $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
218 
219  if($rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
220  {
221  $this->__showButton('selectDesktopItem',$this->lng->txt('role_desk_add'));
222  }
223  if(!count($items = $role_desk_item_obj->getAll()))
224  {
225  ilUtil::sendInfo($this->lng->txt('role_desk_none_created'));
226  return true;
227  }
228  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_list.html");
229  $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
230  $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.gif'));
231  $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
232  $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
233  $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
234  $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
235  $this->tpl->setVariable("IMG_ARROW",ilUtil::getImagePath('arrow_downright.gif'));
236 
237  $counter = 0;
238 
239  foreach($items as $role_item_id => $item)
240  {
241  $tmp_obj = ilObjectFactory::getInstanceByRefId($item['item_id']);
242 
243  if(strlen($desc = $tmp_obj->getDescription()))
244  {
245  $this->tpl->setCurrentBlock("description");
246  $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
247  $this->tpl->parseCurrentBlock();
248  }
249  $this->tpl->setCurrentBlock("desk_row");
250  $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
251  $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
252  $this->tpl->setVariable("CHECK_DESK",ilUtil::formCheckBox(0,'del_desk_item[]',$role_item_id));
253  $this->tpl->setVariable("TXT_PATH",$this->lng->txt('path').':');
254  $this->tpl->setVariable("PATH",$this->__formatPath($tree->getPathFull($item['item_id'])));
255  $this->tpl->parseCurrentBlock();
256  }
257 
258  return true;
259  }
260 
261  function askDeleteDesktopItemObject()
262  {
263  global $rbacsystem;
264 
265 
266  #if(!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
267  if(!$this->checkAccess('edit_permission'))
268  {
269  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
270  }
271  if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
272  {
273  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
274  }
275  if(!count($_POST['del_desk_item']))
276  {
277  ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
278 
279  $this->listDesktopItemsObject();
280 
281  return true;
282  }
283  ilUtil::sendQuestion($this->lng->txt('role_sure_delete_desk_items'));
284 
285  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_ask_delete_desktop_item.html");
286  $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
287  $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.gif'));
288  $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
289  $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
290  $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
291  $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
292  $this->tpl->setVariable("BTN_CANCEL",$this->lng->txt('cancel'));
293 
294  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
295 
296  $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
297 
298  $counter = 0;
299 
300  foreach($_POST['del_desk_item'] as $role_item_id)
301  {
302  $item_data = $role_desk_item_obj->getItem($role_item_id);
303  $tmp_obj =& ilObjectFactory::getInstanceByRefId($item_data['item_id']);
304 
305  if(strlen($desc = $tmp_obj->getDescription()))
306  {
307  $this->tpl->setCurrentBlock("description");
308  $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
309  $this->tpl->parseCurrentBlock();
310  }
311  $this->tpl->setCurrentBlock("desk_row");
312  $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
313  $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
314  $this->tpl->parseCurrentBlock();
315  }
316 
317  $_SESSION['role_del_desk_items'] = $_POST['del_desk_item'];
318 
319  return true;
320  }
321 
322  function deleteDesktopItemsObject()
323  {
324  global $rbacsystem;
325 
326  #if (!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
327  if(!$this->checkAccess('edit_permission'))
328  {
329  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
330  }
331 
332  if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
333  {
334  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
335  }
336 
337  if (!count($_SESSION['role_del_desk_items']))
338  {
339  ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
340 
341  $this->listDesktopItemsObject();
342 
343  return true;
344  }
345 
346  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
347 
348  $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
349 
350  foreach ($_SESSION['role_del_desk_items'] as $role_item_id)
351  {
352  $role_desk_item_obj->delete($role_item_id);
353  }
354 
355  ilUtil::sendSuccess($this->lng->txt('role_deleted_desktop_items'));
356  $this->listDesktopItemsObject();
357 
358  return true;
359  }
360 
361 
362  function selectDesktopItemObject()
363  {
364  global $rbacsystem,$tree;
365 
366  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItemSelector.php';
367  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
368 
369  if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
370  {
371  #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
372  ilUtil::sendFailure($this->lng->txt('permission_denied'));
373  $this->listDesktopItemsObject();
374  return false;
375  }
376 
377  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_selector.html");
378  $this->__showButton('listDesktopItems',$this->lng->txt('back'));
379 
380  ilUtil::sendInfo($this->lng->txt("role_select_desktop_item"));
381 
382  $exp = new ilRoleDesktopItemSelector($this->ctrl->getLinkTarget($this,'selectDesktopItem'),
383  new ilRoleDesktopItem($this->object->getId()));
384  $exp->setExpand($_GET["role_desk_item_link_expand"] ? $_GET["role_desk_item_link_expand"] : $tree->readRootId());
385  $exp->setExpandTarget($this->ctrl->getLinkTarget($this,'selectDesktopItem'));
386 
387  $exp->setOutput(0);
388 
389  $output = $exp->getOutput();
390  $this->tpl->setVariable("EXPLORER",$output);
391  //$this->tpl->setVariable("EXPLORER", $exp->getOutput());
392 
393  return true;
394  }
395 
396  function assignDesktopItemObject()
397  {
398  global $rbacsystem;
399 
400  if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
401  {
402  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
403  return false;
404  }
405 
406 
407  if (!isset($_GET['item_id']))
408  {
409  ilUtil::sendFailure($this->lng->txt('role_no_item_selected'));
410  $this->selectDesktopItemObject();
411 
412  return false;
413  }
414 
415  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
416 
417  $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
418  $role_desk_item_obj->add((int) $_GET['item_id'],ilObject::_lookupType((int) $_GET['item_id'],true));
419 
420  ilUtil::sendSuccess($this->lng->txt('role_assigned_desktop_item'));
421 
422  $this->ctrl->redirect($this,'listDesktopItems');
423  return true;
424  }
425 
431  protected function initFormRoleProperties($a_mode)
432  {
433  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
434  $this->form = new ilPropertyFormGUI();
435 
436  if($this->creation_mode)
437  {
438  $this->ctrl->setParameter($this, "new_type", 'role');
439  }
440  $this->form->setFormAction($this->ctrl->getFormAction($this));
441 
442  switch($a_mode)
443  {
444  case self::MODE_GLOBAL_CREATE:
445  $this->form->setTitle($this->lng->txt('role_new'));
446  $this->form->addCommandButton('save',$this->lng->txt('role_new'));
447  break;
448 
449  case self::MODE_GLOBAL_UPDATE:
450  $this->form->setTitle($this->lng->txt('role_edit'));
451  $this->form->addCommandButton('update', $this->lng->txt('save'));
452  break;
453 
454  case self::MODE_LOCAL_CREATE:
455  case self::MODE_LOCAL_UPDATE:
456  }
457  // Fix cancel
458  $this->form->addCommandButton('cancel', $this->lng->txt('cancel'));
459 
460  $title = new ilTextInputGUI($this->lng->txt('title'),'title');
461  if(ilObjRole::isAutoGenerated($this->object->getId()))
462  {
463  $title->setDisabled(true);
464  }
465  $title->setValidationRegexp('/^(?!il_).*$/');
466  $title->setValidationFailureMessage($this->lng->txt('msg_role_reserved_prefix'));
467  $title->setSize(40);
468  $title->setMaxLength(70);
469  $title->setRequired(true);
470  $this->form->addItem($title);
471 
472  $desc = new ilTextAreaInputGUI($this->lng->txt('description'),'desc');
473  if(ilObjRole::isAutoGenerated($this->object->getId()))
474  {
475  $desc->setDisabled(true);
476  }
477  $desc->setCols(40);
478  $desc->setRows(3);
479  $this->form->addItem($desc);
480 
481  if($this->rolf_ref_id == ROLE_FOLDER_ID)
482  {
483  $reg = new ilCheckboxInputGUI($this->lng->txt('allow_register'),'reg');
484  $reg->setValue(1);
485  #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info'));
486  $this->form->addItem($reg);
487 
488  $la = new ilCheckboxInputGUI($this->lng->txt('allow_assign_users'),'la');
489  $la->setValue(1);
490  #$la->setInfo($this->lng->txt('rbac_local_admin_info'));
491  $this->form->addItem($la);
492  }
493 
494  $pro = new ilCheckboxInputGUI($this->lng->txt('role_protect_permissions'),'pro');
495  $pro->setValue(1);
496  #$pro->setInfo($this->lng->txt('role_protext_permission_info'));
497  $this->form->addItem($pro);
498 
499  include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
500  if(ilDiskQuotaActivationChecker::_isActive())
501  {
502  $quo = new ilNumberInputGUI($this->lng->txt('disk_quota'),'disk_quota');
503  $quo->setMinValue(0);
504  $quo->setSize(4);
505  $quo->setInfo($this->lng->txt('enter_in_mb_desc').'<br />'.$this->lng->txt('disk_quota_on_role_desc'));
506  $this->form->addItem($quo);
507  }
508 
509  return true;
510  }
511 
517  protected function loadRoleProperties(ilObjRole $role)
518  {
519  $role->setTitle($this->form->getInput('title'));
520  $role->setDescription($this->form->getInput('desc'));
521  $role->setAllowRegister($this->form->getInput('reg'));
522  $role->toggleAssignUsersStatus($this->form->getInput('la'));
523  $role->setDiskQuota($this->form->getInput('disk_quota') * pow(ilFormat::_getSizeMagnitude(),2));
524  return true;
525  }
526 
532  protected function readRoleProperties(ilObjRole $role)
533  {
534  global $rbacreview;
535 
536  include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
537 
538  $data['title'] = $role->getTitle();
539  $data['desc'] = $role->getDescription();
540  $data['reg'] = $role->getAllowRegister();
541  $data['la'] = $role->getAssignUsersStatus();
542  if(ilDiskQuotaActivationChecker::_isActive())
543  {
544  $data['disk_quota'] = $role->getDiskQuota() / (pow(ilFormat::_getSizeMagnitude(),2));
545  }
546  $data['pro'] = $rbacreview->isProtected($this->rolf_ref_id, $role->getId());
547 
548  $this->form->setValuesByArray($data);
549  }
550 
551 
552 
553 
559  public function createObject()
560  {
561  global $rbacsystem;
562 
563  if(!$rbacsystem->checkAccess('create_role',$this->rolf_ref_id))
564  {
565  $ilErr->raiseError($this->lng->txt('permission_denied'),$ilErr->MESSAGE);
566  }
567 
568  $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
569  $this->tpl->setContent($this->form->getHTML());
570  }
571 
576  public function editObject()
577  {
578  global $rbacsystem, $rbacreview, $ilSetting,$ilErr;
579 
580  if(!$this->checkAccess('write','edit_permission'))
581  {
582  $ilErr->raiseError($this->lng->txt("msg_no_perm_write"),$ilErr->MESSAGE);
583  }
584  $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
585  $this->readRoleProperties($this->object);
586  $this->tpl->setContent($this->form->getHTML());
587  }
588 
594  function editObject2()
595  {
596  global $rbacsystem, $rbacreview, $ilSetting;
597  require_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
598  require_once 'classes/class.ilFormat.php';
599 
600  #if (!$rbacsystem->checkAccess("write", $this->rolf_ref_id))
601  if(!$this->checkAccess('write','edit_permission'))
602  {
603  $this->ilias->raiseError($this->lng->txt("msg_no_perm_write"),$this->ilias->error_obj->MESSAGE);
604  }
605 
606  $this->getTemplateFile("edit");
607 
608  if ($_SESSION["error_post_vars"])
609  {
610  // fill in saved values in case of error
611  if (substr($this->object->getTitle(false),0,3) != "il_")
612  {
613  $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($_SESSION["error_post_vars"]["Fobject"]["title"]),true);
614  $this->tpl->setVariable("DESC",ilUtil::stripSlashes($_SESSION["error_post_vars"]["Fobject"]["desc"]));
615  }
616 
617  $allow_register = ($_SESSION["error_post_vars"]["Fobject"]["allow_register"]) ? "checked=\"checked\"" : "";
618  $assign_users = ($_SESSION["error_post_vars"]["Fobject"]["assign_users"]) ? "checked=\"checked\"" : "";
619  $protect_permissions = ($_SESSION["error_post_vars"]["Fobject"]["protect_permissions"]) ? "checked=\"checked\"" : "";
620  if (ilDiskQuotaActivationChecker::_isActive())
621  {
622  $disk_quota = $_SESSION["error_post_vars"]["Fobject"]["disk_quota"];
623  }
624  }
625  else
626  {
627  if (substr($this->object->getTitle(),0,3) != "il_")
628  {
629  $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($this->object->getTitle()));
630  $this->tpl->setVariable("DESC",ilUtil::stripSlashes($this->object->getDescription()));
631  }
632 
633  $allow_register = ($this->object->getAllowRegister()) ? "checked=\"checked\"" : "";
634  $assign_users = $this->object->getAssignUsersStatus() ? "checked=\"checked\"" : "";
635  if (ilDiskQuotaActivationChecker::_isActive())
636  {
637  $disk_quota = $this->object->getDiskQuota() / ilFormat::_getSizeMagnitude() / ilFormat::_getSizeMagnitude();
638  }
639  $protect_permissions = $rbacreview->isProtected($this->rolf_ref_id,$this->object->getId()) ? "checked=\"checked\"" : "";
640 
641  }
642 
643  $obj_str = "&obj_id=".$this->obj_id;
644 
645  $this->tpl->setVariable("TXT_TITLE",$this->lng->txt("title"));
646  $this->tpl->setVariable("TXT_DESC",$this->lng->txt("desc"));
647 
648  // exclude allow register option for anonymous role, system role and all local roles
649  $global_roles = $rbacreview->getGlobalRoles();
650 
651  $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
652  $this->tpl->setVariable("TXT_HEADER", $this->lng->txt($this->object->getType()."_edit"));
653  $this->tpl->setVariable("TARGET", $this->getTargetFrame("update"));
654  $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
655  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
656  $this->tpl->setVariable("CMD_SUBMIT", "update");
657  $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
658 
659  if (substr($this->object->getTitle(),0,3) == "il_")
660  {
661  $this->tpl->setVariable("SHOW_TITLE",ilObjRole::_getTranslation($this->object->getTitle())." (".$this->object->getTitle().")");
662 
663  $rolf = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
664  $parent_node = $this->tree->getParentNodeData($rolf[0]);
665 
666  $this->tpl->setVariable("SHOW_DESC",$this->lng->txt("obj_".$parent_node['type'])." (".$parent_node['obj_id'].") <br/>".$parent_node['title']);
667 
668  $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
669  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("back"));
670  $this->tpl->setVariable("CMD_SUBMIT", "cancel");
671  }
672 
673  if ($this->object->getId() != ANONYMOUS_ROLE_ID and
674  $this->object->getId() != SYSTEM_ROLE_ID and
675  in_array($this->object->getId(),$global_roles))
676  {
677  $this->tpl->setCurrentBlock("allow_register");
678  $this->tpl->setVariable("TXT_ALLOW_REGISTER",$this->lng->txt("allow_register"));
679  $this->tpl->setVariable("ALLOW_REGISTER",$allow_register);
680  $this->tpl->parseCurrentBlock();
681 
682  $this->tpl->setCurrentBlock("assign_users");
683  $this->tpl->setVariable("TXT_ASSIGN_USERS",$this->lng->txt('allow_assign_users'));
684  $this->tpl->setVariable("ASSIGN_USERS",$assign_users);
685  $this->tpl->parseCurrentBlock();
686 
687  $this->tpl->setCurrentBlock("protect_permissions");
688  $this->tpl->setVariable("TXT_PROTECT_PERMISSIONS",$this->lng->txt('role_protect_permissions'));
689  $this->tpl->setVariable("PROTECT_PERMISSIONS",$protect_permissions);
690  $this->tpl->parseCurrentBlock();
691 
692  require_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
693  if (ilDiskQuotaActivationChecker::_isActive())
694  {
695  $this->tpl->setCurrentBlock("disk_quota");
696  $this->tpl->setVariable("TXT_DISK_QUOTA",$this->lng->txt("disk_quota"));
697  $this->tpl->setVariable("TXT_DISK_QUOTA_DESC",$this->lng->txt("enter_in_mb_desc").'<br>'.$this->lng->txt("disk_quota_on_role_desc"));
698  $this->tpl->setVariable("DISK_QUOTA",$disk_quota);
699  $this->tpl->parseCurrentBlock();
700  }
701  }
702  }
703 
704 
709  public function saveObject()
710  {
711  global $rbacadmin,$rbacreview;
712 
713  $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
714  if($this->form->checkInput() and !$this->checkDuplicate())
715  {
716  include_once './Services/AccessControl/classes/class.ilObjRole.php';
717  $this->loadRoleProperties($this->role = new ilObjRole());
718  $this->role->create();
719  $rbacadmin->assignRoleToFolder($this->role->getId(), $this->rolf_ref_id,'y');
720  $rbacadmin->setProtected(
721  $this->rolf_ref_id,
722  $this->role->getId(),
723  $this->form->getInput('pro') ? 'y' : 'n'
724  );
725  ilUtil::sendSuccess($this->lng->txt("role_added"),true);
726  $this->ctrl->returnToParent($this);
727  }
728 
729  ilUtil::sendFailure($this->lng->txt('err_check_input'));
730  $this->form->setValuesByPost();
731  $this->tpl->setContent($this->form->getHTML());
732  return false;
733  }
734 
739  protected function checkDuplicate($a_role_id = 0)
740  {
741  global $rbacreview;
742 
743  foreach($rbacreview->getRolesOfRoleFolder($this->rolf_ref_id) as $role_id)
744  {
745  if($role_id == $a_role_id)
746  {
747  continue;
748  }
749 
750  $title = trim(ilObject::_lookupTitle($role_id));
751  if(strcmp($title, trim($this->form->getInput('title'))) === 0)
752  {
753  $this->form->getItemByPostVar('title')->setAlert($this->lng->txt('rbac_role_exists_alert'));
754  return true;
755  }
756  }
757  return false;
758  }
759 
764  public function updateObject()
765  {
766  global $rbacadmin;
767 
768  $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
769  if($this->form->checkInput() and !$this->checkDuplicate($this->object->getId()))
770  {
771  include_once './Services/AccessControl/classes/class.ilObjRole.php';
772  $this->loadRoleProperties($this->object);
773  $this->object->update();
774  $rbacadmin->setProtected(
775  $this->rolf_ref_id,
776  $this->object->getId(),
777  $this->form->getInput('pro') ? 'y' : 'n'
778  );
779  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
780  $this->ctrl->redirect($this,'edit');
781  }
782 
783  ilUtil::sendFailure($this->lng->txt('err_check_input'));
784  $this->form->setValuesByPost();
785  $this->tpl->setContent($this->form->getHTML());
786  return false;
787  }
788 
793  protected function permObject($a_show_admin_permissions = false)
794  {
795  global $ilTabs, $ilErr, $ilToolbar, $objDefinition,$rbacreview;
796 
797  $ilTabs->setTabActive('default_perm_settings');
798 
799  $this->setSubTabs('default_perm_settings');
800 
801  if($a_show_admin_permissions)
802  {
803  $ilTabs->setSubTabActive('rbac_admin_permissions');
804  }
805  else
806  {
807  $ilTabs->setSubTabActive('rbac_repository_permissions');
808  }
809 
810  if(!$this->checkAccess('write','edit_permission'))
811  {
812  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->MESSAGE);
813  return true;
814  }
815 
816  // Show copy role button
817  $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
818  $ilToolbar->addButton(
819  $this->lng->txt("adopt_perm_from_template"),
820  $this->ctrl->getLinkTarget($this,'adoptPerm')
821  );
822  if($rbacreview->isDeleteable($this->object->getId(), $this->rolf_ref_id))
823  {
824  $ilToolbar->addButton(
825  $this->lng->txt('rbac_delete_role'),
826  $this->ctrl->getLinkTarget($this,'confirmDeleteRole')
827  );
828  }
829 
830  $this->tpl->addBlockFile(
831  'ADM_CONTENT',
832  'adm_content',
833  'tpl.rbac_template_permissions.html',
834  'Services/AccessControl'
835  );
836 
837  $this->tpl->setVariable('PERM_ACTION',$this->ctrl->getFormAction($this));
838 
839  include_once './Services/Accordion/classes/class.ilAccordionGUI.php';
840  $acc = new ilAccordionGUI();
841  $acc->setBehaviour(ilAccordionGUI::FORCE_ALL_OPEN);
842  $acc->setId('template_perm_'.$this->getParentRefId());
843 
844  if($this->rolf_ref_id == ROLE_FOLDER_ID)
845  {
846  if($a_show_admin_permissions)
847  {
848  $subs = $objDefinition->getSubObjectsRecursively('adm',true,true);
849  }
850  else
851  {
852  $subs = $objDefinition->getSubObjectsRecursively('root',true,$a_show_admin_permissions);
853  }
854  }
855  else
856  {
857  $subs = $objDefinition->getSubObjectsRecursively($this->getParentType(),true,$a_show_admin_permissions);
858  }
859 
860  $sorted = array();
861  foreach($subs as $subtype => $def)
862  {
863  if($objDefinition->isPlugin($subtype))
864  {
865  $translation = ilPlugin::lookupTxt("rep_robj", $subtype,"obj_".$subtype);
866  }
867  elseif($objDefinition->isSystemObject($subtype))
868  {
869  $translation = $this->lng->txt("obj_".$subtype);
870  }
871  else
872  {
873  $translation = $this->lng->txt('objs_'.$subtype);
874  }
875 
876  $sorted[$subtype] = $def;
877  $sorted[$subtype]['translation'] = $translation;
878  }
879 
880 
881  $sorted = ilUtil::sortArray($sorted, 'translation','asc',true,true);
882  foreach($sorted as $subtype => $def)
883  {
884  if($objDefinition->isPlugin($subtype))
885  {
886  $translation = ilPlugin::lookupTxt("rep_robj", $subtype,"obj_".$subtype);
887  }
888  elseif($objDefinition->isSystemObject($subtype))
889  {
890  $translation = $this->lng->txt("obj_".$subtype);
891  }
892  else
893  {
894  $translation = $this->lng->txt('objs_'.$subtype);
895  }
896 
897  include_once 'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
898  $tbl = new ilObjectRoleTemplatePermissionTableGUI(
899  $this,
900  'perm',
901  $this->getParentRefId(),
902  $this->object->getId(),
903  $subtype,
904  $a_show_admin_permissions
905  );
906  $tbl->parse();
907 
908  $acc->addItem($translation, $tbl->getHTML());
909  }
910 
911  $this->tpl->setVariable('ACCORDION',$acc->getHTML());
912 
913  // Add options table
914  include_once './Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
915  $options = new ilObjectRoleTemplateOptionsTableGUI(
916  $this,
917  'perm',
918  $this->rolf_ref_id,
919  $this->object->getId(),
920  $a_show_admin_permissions
921  );
922  $options->addMultiCommand(
923  $a_show_admin_permissions ? 'adminPermSave' : 'permSave',
924  $this->lng->txt('save')
925  );
926 
927  $options->parse();
928  $this->tpl->setVariable('OPTIONS_TABLE',$options->getHTML());
929  }
930 
935  protected function adminPermObject()
936  {
937  return $this->permObject(true);
938  }
939 
944  protected function adminPermSaveObject()
945  {
946  return $this->permSaveObject(true);
947  }
948 
954  function perm2Object()
955  {
956  global $rbacadmin, $rbacreview, $rbacsystem, $objDefinition, $tree,$ilTabs, $ilToolbar;
957 
958  $ilTabs->setTabActive('default_perm_settings');
959 
960  $access = $this->checkAccess('visible,write','edit_permission');
961  if (!$access)
962  {
963  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
964  }
965 
966 
967  $perm_def = $this->object->__getPermissionDefinitions();
968 
969  $rbac_objects =& $perm_def[0];
970  $rbac_operations =& $perm_def[1];
971 
972  foreach ($rbac_objects as $key => $obj_data)
973  {
974  if ($objDefinition->isPlugin($obj_data["type"]))
975  {
976  $rbac_objects[$key]["name"] = ilPlugin::lookupTxt("rep_robj", $obj_data["type"],
977  "obj_".$obj_data["type"]);
978  }
979  else
980  {
981  $rbac_objects[$key]["name"] = $this->lng->txt("obj_".$obj_data["type"]);
982  }
983  $rbac_objects[$key]["ops"] = $rbac_operations[$key];
984  }
985 
986  // for local roles display only the permissions settings for allowed subobjects
987  if ($this->rolf_ref_id != ROLE_FOLDER_ID)
988  {
989  // first get object in question (parent of role folder object)
990  $parent_data = $this->tree->getParentNodeData($this->rolf_ref_id);
991  // get allowed subobjects of object recursively
992  $subobj_data = $this->objDefinition->getSubObjectsRecursively($parent_data["type"]);
993 
994  // remove not allowed object types from array but keep the type definition of object itself
995  foreach ($rbac_objects as $key => $obj_data)
996  {
997  if ($obj_data["type"] == "rolf")
998  {
999  unset($rbac_objects[$key]);
1000  continue;
1001  }
1002 
1003  if (!$subobj_data[$obj_data["type"]] and $parent_data["type"] != $obj_data["type"])
1004  {
1005  unset($rbac_objects[$key]);
1006  }
1007  }
1008  } // end if local roles
1009 
1010  // now sort computed result
1011  //sort($rbac_objects);
1012 
1013  /*foreach ($rbac_objects as $key => $obj_data)
1014  {
1015  sort($rbac_objects[$key]["ops"]);
1016  }*/
1017 
1018  // sort by (translated) name of object type
1019  $rbac_objects = ilUtil::sortArray($rbac_objects,"name","asc");
1020 
1021  // BEGIN CHECK_PERM
1022  foreach ($rbac_objects as $key => $obj_data)
1023  {
1024  $arr_selected = $rbacreview->getOperationsOfRole($this->object->getId(), $obj_data["type"], $this->rolf_ref_id);
1025  $arr_checked = array_intersect($arr_selected,array_keys($rbac_operations[$obj_data["obj_id"]]));
1026 
1027  foreach ($rbac_operations[$obj_data["obj_id"]] as $operation)
1028  {
1029  // check all boxes for system role
1030  if ($this->object->getId() == SYSTEM_ROLE_ID)
1031  {
1032  $checked = true;
1033  $disabled = true;
1034  }
1035  else
1036  {
1037  $checked = in_array($operation["ops_id"],$arr_checked);
1038  $disabled = false;
1039  }
1040 
1041  // Es wird eine 2-dim Post Variable uebergeben: perm[rol_id][ops_id]
1042  $box = ilUtil::formCheckBox($checked,"template_perm[".$obj_data["type"]."][]",$operation["ops_id"],$disabled);
1043  $output["perm"][$obj_data["obj_id"]][$operation["ops_id"]] = $box;
1044  }
1045  }
1046  // END CHECK_PERM
1047 
1048  $output["col_anz"] = count($rbac_objects);
1049  $output["txt_save"] = $this->lng->txt("save");
1050  $output["check_recursive"] = ilUtil::formCheckBox(0,"recursive",1);
1051  $output["text_recursive"] = $this->lng->txt("change_existing_objects");
1052  $output["text_recursive_desc"] = $this->lng->txt("change_existing_objects_desc");
1053 
1054  $protected_disabled = true;
1055 
1056  if ($this->rolf_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id))
1057  {
1058  $protected_disabled = false;
1059  }
1060 
1061  $output["check_protected"] = ilUtil::formCheckBox($rbacreview->isProtected($this->rolf_ref_id,$this->object->getId()),
1062  "protected",
1063  1,
1064  $protected_disabled);
1065 
1066  $output["text_protected"] = $this->lng->txt("role_protect_permissions");
1067  $output["text_protected_desc"] = $this->lng->txt("role_protect_permissions_desc");
1068 
1069  /* send message for system role
1070  if ($this->object->getId() == SYSTEM_ROLE_ID)
1071  {
1072  $output["adopt"] = array();
1073  $output["sysrole_msg"] = $this->lng->txt("msg_sysrole_not_editable");
1074  }
1075  */
1076 
1077  $output["formaction"] = $this->ctrl->getFormAction($this);
1078 
1079  $this->data = $output;
1080 
1081 
1082 /************************************/
1083 /* generate output */
1084 /************************************/
1085 
1086  $this->tpl->addBlockfile('ADM_CONTENT','adm_content','tpl.adm_perm_role.html');
1087 
1088 
1089  if($access and $this->object->isDeletable($this->rolf_ref_id))
1090  {
1091  $this->tpl->setVariable('LINK_DELETE_ROLE',$this->ctrl->getLinkTarget($this,'confirmDeleteRole'));
1092  $this->tpl->setVariable('TXT_DELETE_ROLE',$this->lng->txt('rbac_delete_role'));
1093  $this->tpl->setVariable('TXT_FOOTER_DELETE_ROLE',$this->lng->txt('rbac_delete_role'));
1094  }
1095 
1096  foreach ($rbac_objects as $obj_data)
1097  {
1098  // BEGIN object_operations
1099  $this->tpl->setCurrentBlock("object_operations");
1100 
1101  $ops_ids = "";
1102 
1103  foreach ($obj_data["ops"] as $operation)
1104  {
1105  $ops_ids[] = $operation["ops_id"];
1106 
1107  //$css_row = ilUtil::switchColor($j++, "tblrow1", "tblrow2");
1108  $css_row = "tblrow1";
1109  $this->tpl->setVariable("CSS_ROW",$css_row);
1110  $this->tpl->setVariable("PERMISSION",$operation["name"]);
1111  if (substr($operation["title"], 0, 7) == "create_")
1112  {
1113  if ($this->objDefinition->getDevMode(substr($operation["title"], 7, strlen($operation["title"]) -7)))
1114  {
1115  $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_implemented_yet").")");
1116  }
1117  }
1118  $this->tpl->setVariable("CHECK_PERMISSION",$this->data["perm"][$obj_data["obj_id"]][$operation["ops_id"]]);
1119  $this->tpl->setVariable("LABEL_ID","template_perm_".$obj_data["type"]."_".$operation["ops_id"]);
1120  $this->tpl->parseCurrentBlock();
1121  } // END object_operations
1122 
1123  // BEGIN object_type
1124  $this->tpl->setCurrentBlock("object_type");
1125 
1126  // add administration for adminstrative items
1127  if ($objDefinition->isSystemObject($obj_data["type"]) &&
1128  $obj_data["type"] != "root")
1129  {
1130  $this->tpl->setVariable("TXT_ADMINIS", "(".$this->lng->txt("administration").") ");
1131  }
1132 
1133  $this->tpl->setVariable("TXT_OBJ_TYPE",$obj_data["name"]);
1134 
1135 // TODO: move this if in a function and query all objects that may be disabled or inactive
1136  if ($this->objDefinition->getDevMode($obj_data["type"]))
1137  {
1138  $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_implemented_yet").")");
1139  }
1140  else if ($obj_data["type"] == "icrs" and !$this->ilias->getSetting("ilinc_active"))
1141  {
1142  $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_enabled_or_configured").")");
1143  }
1144 
1145  // option: change permissions of exisiting objects of that type
1146  $this->tpl->setVariable("OBJ_TYPE",$obj_data["type"]);
1147  $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE_DESC",$this->lng->txt("change_existing_object_type_desc"));
1148 
1149  // use different Text for system objects
1150  if ($objDefinition->isPlugin($obj_data["type"]))
1151  {
1152  $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE",$this->lng->txt("change_existing_prefix")." ".
1153  ilPlugin::lookupTxt("rep_robj", $obj_data["type"], "objs_".$obj_data["type"]).
1154  " ".$this->lng->txt("change_existing_suffix"));
1155  }
1156  else if ($objDefinition->isSystemObject($obj_data["type"]))
1157  {
1158  $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE",$this->lng->txt("change_existing_prefix_single")." ".$this->lng->txt("obj_".$obj_data["type"])." ".$this->lng->txt("change_existing_suffix_single"));
1159 
1160  }
1161  else
1162  {
1163  $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE",$this->lng->txt("change_existing_prefix")." ".$this->lng->txt("objs_".$obj_data["type"])." ".$this->lng->txt("change_existing_suffix"));
1164  }
1165 
1166  // js checkbox toggles
1167  $this->tpl->setVariable("JS_VARNAME","template_perm_".$obj_data["type"]);
1168  $this->tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($ops_ids));
1169  $this->tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
1170  $this->tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
1171 
1172  $this->tpl->parseCurrentBlock();
1173  // END object_type
1174  }
1175 
1176  // don't display adopt permissions form for system role
1177  if ($this->object->getId() != SYSTEM_ROLE_ID)
1178  {
1179  $this->tpl->setCurrentBlock("tblfooter_special_options");
1180  $this->tpl->setVariable("TXT_PERM_SPECIAL_OPTIONS",$this->lng->txt("perm_special_options"));
1181  $this->tpl->parseCurrentBlock();
1182 
1183  $this->tpl->setCurrentBlock("tblfooter_recursive");
1184  $this->tpl->setVariable("COL_ANZ",3);
1185  $this->tpl->setVariable("CHECK_RECURSIVE",$this->data["check_recursive"]);
1186  $this->tpl->setVariable("TXT_RECURSIVE",$this->data["text_recursive"]);
1187  $this->tpl->setVariable("TXT_RECURSIVE_DESC",$this->data["text_recursive_desc"]);
1188  $this->tpl->parseCurrentBlock();
1189 
1190  $this->tpl->setCurrentBlock("tblfooter_protected");
1191  $this->tpl->setVariable("COL_ANZ",3);
1192  $this->tpl->setVariable("CHECK_PROTECTED",$this->data["check_protected"]);
1193  $this->tpl->setVariable("TXT_PROTECTED",$this->data["text_protected"]);
1194  $this->tpl->setVariable("TXT_PROTECTED_DESC",$this->data["text_protected_desc"]);
1195  $this->tpl->parseCurrentBlock();
1196 
1197  $this->tpl->setCurrentBlock("tblfooter_standard");
1198  $this->tpl->setVariable("COL_ANZ_PLUS",3);
1199  $this->tpl->setVariable("TXT_SAVE",$this->data["txt_save"]);
1200  $this->tpl->parseCurrentBlock();
1201 
1202  // Show copy role button
1203  $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
1204  $ilToolbar->addButton($this->lng->txt("adopt_perm_from_template"),$this->ctrl->getLinkTarget($this,'adoptPerm'));
1205  }
1206  else
1207  {
1208  // display form buttons not for system role
1209  $this->tpl->setCurrentBlock("tblfooter_sysrole");
1210  $this->tpl->setVariable("COL_ANZ_SYS",3);
1211  $this->tpl->parseCurrentBlock();
1212 
1213  // display sysrole_msg
1214  $this->tpl->setCurrentBlock("sysrole_msg");
1215  $this->tpl->setVariable("TXT_SYSROLE_MSG",$this->data["sysrole_msg"]);
1216  $this->tpl->parseCurrentBlock();
1217  }
1218 
1219  $this->tpl->setCurrentBlock("adm_content");
1220  $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath("icon_".$this->object->getType().".gif"));
1221  $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt($this->object->getType()));
1222  $this->tpl->setVariable("TBL_HELP_IMG",ilUtil::getImagePath("icon_help.gif"));
1223  $this->tpl->setVariable("TBL_HELP_LINK","tbl_help.php");
1224  $this->tpl->setVariable("TBL_HELP_IMG_ALT",$this->lng->txt("help"));
1225 
1226  // compute additional information in title
1227  $global_roles = $rbacreview->getGlobalRoles();
1228 
1229  if (in_array($this->object->getId(),$global_roles))
1230  {
1231  $desc = "global";
1232  }
1233  else
1234  {
1235  // description for autogenerated roles
1236  if($rolf = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true))
1237  {
1238  $parent_node = $this->tree->getParentNodeData($rolf[0]);
1239  $desc = $this->lng->txt("obj_".$parent_node['type'])." (#".$parent_node['obj_id'].") : ".$parent_node['title'];
1240  }
1241  }
1242 
1243  $description = "&nbsp;<span class=\"small\">(".$desc.")</span>";
1244 
1245  // translation for autogenerated roles
1246  if (substr($this->object->getTitle(),0,3) == "il_")
1247  {
1248  $title = ilObjRole::_getTranslation($this->object->getTitle())." (".$this->object->getTitle().")";
1249  }
1250  else
1251  {
1252  $title = $this->object->getTitle();
1253  }
1254 
1255  $this->tpl->setVariable("TBL_TITLE",$title.$description);
1256 
1257  // info text
1258  $pid = $tree->getParentId($this->rolf_ref_id);
1259  $ptitle = ilObject::_lookupTitle(ilObject::_lookupObjId($pid));
1260  if ($this->rolf_ref_id != ROLE_FOLDER_ID)
1261  {
1262  $info = sprintf($this->lng->txt("perm_role_info_1"),
1263  $this->object->getTitle(), $ptitle)." ".
1264  sprintf($this->lng->txt("perm_role_info_2"),
1265  $this->object->getTitle(), $ptitle);
1266  }
1267  else
1268  {
1269  $info = sprintf($this->lng->txt("perm_role_info_glob_1"),
1270  $this->object->getTitle(), $ptitle)." ".
1271  sprintf($this->lng->txt("perm_role_info_glob_2"),
1272  $this->object->getTitle(), $ptitle);
1273  }
1274  $this->tpl->setVariable("TXT_TITLE_INFO", $info);
1275 
1276  $this->tpl->setVariable("TXT_PERMISSION",$this->data["txt_permission"]);
1277  $this->tpl->setVariable("FORMACTION",$this->data["formaction"]);
1278  $this->tpl->parseCurrentBlock();
1279  }
1280 
1281  protected function adoptPermObject()
1282  {
1283  global $rbacreview;
1284 
1285  $output = array();
1286 
1287  $parent_role_ids = $rbacreview->getParentRoleIds($this->rolf_ref_id,true);
1288  $ids = array();
1289  foreach($parent_role_ids as $id => $tmp)
1290  {
1291  $ids[] = $id;
1292  }
1293 
1294  // Sort ids
1295  $sorted_ids = ilUtil::_sortIds($ids,'object_data','type,title','obj_id');
1296  $key = 0;
1297  foreach($sorted_ids as $id)
1298  {
1299  $par = $parent_role_ids[$id];
1300  if ($par["obj_id"] != SYSTEM_ROLE_ID && $this->object->getId() != $par["obj_id"])
1301  {
1302  $radio = ilUtil::formRadioButton(0,"adopt",$par["obj_id"]);
1303  $output["adopt"][$key]["css_row_adopt"] = ($key % 2 == 0) ? "tblrow1" : "tblrow2";
1304  $output["adopt"][$key]["check_adopt"] = $radio;
1305  $output["adopt"][$key]["role_id"] = $par["obj_id"];
1306  $output["adopt"][$key]["type"] = ($par["type"] == 'role' ? $this->lng->txt('obj_role') : $this->lng->txt('obj_rolt'));
1307  $output["adopt"][$key]["role_name"] = ilObjRole::_getTranslation($par["title"]);
1308  $output["adopt"][$key]["role_desc"] = $par["desc"];
1309  $key++;
1310  }
1311  }
1312 
1313  $output["formaction_adopt"] = $this->ctrl->getFormAction($this);
1314  $output["message_middle"] = $this->lng->txt("adopt_perm_from_template");
1315 
1316 
1317  $tpl = new ilTemplate("tpl.adm_copy_role.html", true, true, "Services/AccessControl");
1318 
1319  $tpl->setCurrentBlock("ADOPT_PERM_ROW");
1320  foreach ($output["adopt"] as $key => $value)
1321  {
1322  $tpl->setVariable("CSS_ROW_ADOPT",$value["css_row_adopt"]);
1323  $tpl->setVariable("CHECK_ADOPT",$value["check_adopt"]);
1324  $tpl->setVariable("LABEL_ID",$value["role_id"]);
1325  $tpl->setVariable("TYPE",$value["type"]);
1326  $tpl->setVariable("ROLE_NAME",$value["role_name"]);
1327  if(strlen($value['role_desc']))
1328  {
1329  $tpl->setVariable('ROLE_DESC',$value['role_desc']);
1330  }
1331  $tpl->parseCurrentBlock();
1332  }
1333 
1334  $tpl->setVariable("TPLPATH",$this->tpl->tplPath);
1335  $tpl->setVariable("MESSAGE_MIDDLE",$output["message_middle"]);
1336  $tpl->setVariable("FORMACTION_ADOPT",$output["formaction_adopt"]);
1337  $tpl->setVariable("ADOPT",$this->lng->txt('copy'));
1338  $tpl->setVariable("CANCEL",$this->lng->txt('cancel'));
1339 
1340  $tpl->setVariable('HEAD_ROLE',$this->lng->txt('title'));
1341  $tpl->setVariable('HEAD_TYPE',$this->lng->txt('type'));
1342 
1343  $this->tpl->setContent($tpl->get());
1344  }
1345 
1350  protected function confirmDeleteRoleObject()
1351  {
1352  global $ilErr,$rbacreview,$ilUser;
1353 
1354  $access = $this->checkAccess('visible,write','edit_permission');
1355  if (!$access)
1356  {
1357  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->WARNING);
1358  }
1359 
1360  $question = $this->lng->txt('rbac_role_delete_qst');
1361  if($rbacreview->isAssigned($ilUser->getId(), $this->object->getId()))
1362  {
1363  $question .= ('<br />'.$this->lng->txt('rbac_role_delete_self'));
1364  }
1365  ilUtil::sendQuestion($question);
1366 
1367  include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
1368 
1369  $confirm = new ilConfirmationGUI();
1370  $confirm->setFormAction($this->ctrl->getFormAction($this));
1371  $confirm->setHeaderText($question);
1372  $confirm->setCancel($this->lng->txt('cancel'), 'perm');
1373  $confirm->setConfirm($this->lng->txt('rbac_delete_role'), 'performDeleteRole');
1374 
1375  $confirm->addItem(
1376  'role',
1377  $this->object->getId(),
1378  $this->object->getTitle(),
1379  ilUtil::getImagePath('icon_role.gif')
1380  );
1381 
1382  $this->tpl->setContent($confirm->getHTML());
1383  return true;
1384  }
1385 
1386 
1391  protected function performDeleteRoleObject()
1392  {
1393  global $ilErr;
1394 
1395  $access = $this->checkAccess('visible,write','edit_permission');
1396  if (!$access)
1397  {
1398  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->WARNING);
1399  }
1400 
1401  $this->object->setParent((int) $_GET['rolf_ref_id']);
1402  $this->object->delete();
1403  ilUtil::sendSuccess($this->lng->txt('msg_deleted_role'),true);
1404 
1405  if($back = $this->getBackTarget())
1406  {
1407  ilUtil::redirect($back['link']);
1408  }
1409  else
1410  {
1411  $this->ctrl->returnToParent($this);
1412  }
1413  }
1414 
1420  function permSaveObject($a_show_admin_permissions = false)
1421  {
1422  global $rbacsystem, $rbacadmin, $rbacreview, $objDefinition, $tree;
1423 
1424  // for role administration check write of global role folder
1425  /*
1426  if ($this->rolf_ref_id == ROLE_FOLDER_ID)
1427  {
1428  $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
1429  }
1430  else // for local roles check 'edit permission' of parent object of the local role folder
1431  {
1432  $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
1433  }
1434  */
1435  $access = $this->checkAccess('visible,write','edit_permission');
1436 
1437  if (!$access)
1438  {
1439  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
1440  }
1441 
1442  // rbac log
1443  include_once "Services/AccessControl/classes/class.ilRbacLog.php";
1444  $rbac_log_active = ilRbacLog::isActive();
1445  if($rbac_log_active)
1446  {
1447  $rbac_log_old = ilRbacLog::gatherTemplate($this->rolf_ref_id, $this->object->getId());
1448  }
1449 
1450  // delete all template entries of enabled types
1451  if($this->rolf_ref_id == ROLE_FOLDER_ID)
1452  {
1453  if($a_show_admin_permissions)
1454  {
1455  $subs = $objDefinition->getSubObjectsRecursively('adm',true,true);
1456  }
1457  else
1458  {
1459  $subs = $objDefinition->getSubObjectsRecursively('root',true,false);
1460  }
1461  }
1462  else
1463  {
1464  $subs = $objDefinition->getSubObjectsRecursively($this->getParentType(),true,false);
1465  }
1466 
1467  foreach($subs as $subtype => $def)
1468  {
1469  // Delete per object type
1470  $rbacadmin->deleteRolePermission($this->object->getId(),$this->rolf_ref_id,$subtype);
1471  }
1472 
1473  if (empty($_POST["template_perm"]))
1474  {
1475  $_POST["template_perm"] = array();
1476  }
1477 
1478  foreach ($_POST["template_perm"] as $key => $ops_array)
1479  {
1480  // sets new template permissions
1481  $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->rolf_ref_id);
1482  }
1483 
1484  if($rbac_log_active)
1485  {
1486  $rbac_log_new = ilRbacLog::gatherTemplate($this->rolf_ref_id, $this->object->getId());
1487  $rbac_log_diff = ilRbacLog::diffTemplate($rbac_log_old, $rbac_log_new);
1488  ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE, $this->obj_ref_id, $rbac_log_diff);
1489  }
1490 
1491  // update object data entry (to update last modification date)
1492  $this->object->update();
1493 
1494  // set protected flag
1495  if ($this->rolf_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id))
1496  {
1497  $rbacadmin->setProtected($this->rolf_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST['protected']));
1498  }
1499 
1500  if($a_show_admin_permissions)
1501  {
1502  $_POST['recursive'] = true;
1503  }
1504 
1505  // Redirect if Change existing objects is not chosen
1506  if(!$_POST['recursive'] and !is_array($_POST['recursive_list']))
1507  {
1508  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
1509  if($a_show_admin_permissions)
1510  {
1511  $this->ctrl->redirect($this,'adminPerm');
1512  }
1513  else
1514  {
1515  $this->ctrl->redirect($this,'perm');
1516  }
1517  }
1518  // New implementation
1519  if($this->isChangeExistingObjectsConfirmationRequired() and !$a_show_admin_permissions)
1520  {
1521  $this->showChangeExistingObjectsConfirmation();
1522  return true;
1523  }
1524 
1525  $start = ($this->rolf_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $tree->getParentId($this->rolf_ref_id));
1526  if($a_show_admin_permissions)
1527  {
1528  $start = $tree->getParentId($this->rolf_ref_id);
1529  }
1530 
1531  if($_POST['protected'])
1532  {
1533  $this->object->changeExistingObjects(
1534  $start,
1535  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
1536  array('all'),
1537  array()
1538  #$a_show_admin_permissions ? array('adm') : array()
1539  );
1540  }
1541  else
1542  {
1543  $this->object->changeExistingObjects(
1544  $start,
1545  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
1546  array('all'),
1547  array()
1548  #$a_show_admin_permissions ? array('adm') : array()
1549  );
1550  }
1551  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
1552 
1553  if($a_show_admin_permissions)
1554  {
1555  $this->ctrl->redirect($this,'adminPerm');
1556  }
1557  else
1558  {
1559  $this->ctrl->redirect($this,'perm');
1560  }
1561  return true;
1562  }
1563 
1564 
1570  function adoptPermSaveObject()
1571  {
1572  global $rbacadmin, $rbacsystem, $rbacreview, $tree;
1573 
1574  if(!$_POST['adopt'])
1575  {
1576  ilUtil::sendFailure($this->lng->txt('select_one'));
1577  $this->adoptPermObject();
1578  return false;
1579  }
1580 
1581  $access = $this->checkAccess('visible,write','edit_permission');
1582  if (!$access)
1583  {
1584  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
1585  }
1586 
1587  if ($this->object->getId() == $_POST["adopt"])
1588  {
1589  ilUtil::sendFailure($this->lng->txt("msg_perm_adopted_from_itself"),true);
1590  }
1591  else
1592  {
1593  $rbacadmin->deleteRolePermission($this->object->getId(), $this->rolf_ref_id);
1594  $parentRoles = $rbacreview->getParentRoleIds($this->rolf_ref_id,true);
1595  $rbacadmin->copyRoleTemplatePermissions(
1596  $_POST["adopt"],
1597  $parentRoles[$_POST["adopt"]]["parent"],
1598  $this->rolf_ref_id,
1599  $this->object->getId(),
1600  false);
1601 
1602  // update object data entry (to update last modification date)
1603  $this->object->update();
1604 
1605  // send info
1606  $obj_data =& $this->ilias->obj_factory->getInstanceByObjId($_POST["adopt"]);
1607  ilUtil::sendSuccess($this->lng->txt("msg_perm_adopted_from1")." '".$obj_data->getTitle()."'.<br/>".
1608  $this->lng->txt("msg_perm_adopted_from2"),true);
1609  }
1610 
1611  $this->ctrl->redirect($this, "perm");
1612  }
1613 
1619  function assignSaveObject()
1620  {
1621  $this->assignUserObject();
1622  }
1623 
1631  function assignUserObject()
1632  {
1633  global $rbacsystem, $rbacadmin, $rbacreview;
1634 
1635  #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
1636  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1637  {
1638  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1639  }
1640 
1641  if (!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
1642  $this->rolf_ref_id != ROLE_FOLDER_ID)
1643  {
1644  $this->ilias->raiseError($this->lng->txt("err_role_not_assignable"),$this->ilias->error_obj->MESSAGE);
1645  }
1646 
1647  if(!isset($_POST["user"]))
1648  {
1649  ilUtil::sendFailure($this->lng->txt("no_checkbox"));
1650  $this->searchObject();
1651 
1652  return false;
1653  }
1654 
1655  $selected_users = $_POST["user"];
1656  $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
1657 
1658  // users to assign
1659  $assigned_users_new = array_diff($selected_users,array_intersect($selected_users,$assigned_users_all));
1660 
1661  // selected users all already assigned. stop
1662  if (count($assigned_users_new) == 0)
1663  {
1664  ilUtil::sendFailure($this->lng->txt("rbac_msg_user_already_assigned"));
1665  $this->searchObject();
1666 
1667  return false;
1668  }
1669 
1670  // assign new users
1671  foreach ($assigned_users_new as $user)
1672  {
1673  $rbacadmin->assignUser($this->object->getId(),$user,false);
1674  }
1675 
1676  // update object data entry (to update last modification date)
1677  $this->object->update();
1678 
1679  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"),true);
1680 
1681  $this->ctrl->redirect($this,'userassignment');
1682  }
1683 
1689  public function addUserObject($a_user_ids)
1690  {
1691  global $rbacreview,$rbacadmin;
1692 
1693  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1694  {
1695  ilUtil::sendFailure($this->lng->txt('msg_no_perm_assign_user_to_role'));
1696  return false;
1697  }
1698  if(!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
1699  $this->rolf_ref_id != ROLE_FOLDER_ID)
1700  {
1701  ilUtil::sendFailure($this->lng->txt('err_role_not_assignable'));
1702  return false;
1703  }
1704  if(!$a_user_ids)
1705  {
1706  ilUtil::sendFailure($this->lng->txt("no_checkbox"));
1707  return false;
1708  }
1709 
1710  $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
1711 
1712  // users to assign
1713  $assigned_users_new = array_diff($a_user_ids,array_intersect($a_user_ids,$assigned_users_all));
1714 
1715  // selected users all already assigned. stop
1716  if (count($assigned_users_new) == 0)
1717  {
1718  ilUtil::sendFailure($this->lng->txt("rbac_msg_user_already_assigned"));
1719  return false;
1720  }
1721 
1722  // assign new users
1723  foreach ($assigned_users_new as $user)
1724  {
1725  $rbacadmin->assignUser($this->object->getId(),$user,false);
1726  }
1727 
1728  // update object data entry (to update last modification date)
1729  $this->object->update();
1730 
1731  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"),true);
1732  $this->ctrl->redirect($this,'userassignment');
1733  }
1734 
1740  function deassignUserObject()
1741  {
1742  global $rbacsystem, $rbacadmin, $rbacreview;
1743 
1744  #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
1745  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1746  {
1747  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1748  }
1749 
1750  $selected_users = ($_POST["user_id"]) ? $_POST["user_id"] : array($_GET["user_id"]);
1751 
1752  if ($selected_users[0]=== NULL)
1753  {
1754  $this->ilias->raiseError($this->lng->txt("no_checkbox"),$this->ilias->error_obj->MESSAGE);
1755  }
1756 
1757  // prevent unassignment of system user from system role
1758  if ($this->object->getId() == SYSTEM_ROLE_ID)
1759  {
1760  if ($admin = array_search(SYSTEM_USER_ID,$selected_users) !== false)
1761  unset($selected_users[$admin]);
1762  }
1763 
1764  // check for each user if the current role is his last global role before deassigning him
1765  $last_role = array();
1766  $global_roles = $rbacreview->getGlobalRoles();
1767 
1768  foreach ($selected_users as $user)
1769  {
1770  $assigned_roles = $rbacreview->assignedRoles($user);
1771  $assigned_global_roles = array_intersect($assigned_roles,$global_roles);
1772 
1773  if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(),$assigned_global_roles)))
1774  {
1775  $userObj = $this->ilias->obj_factory->getInstanceByObjId($user);
1776  $last_role[$user] = $userObj->getFullName();
1777  unset($userObj);
1778  }
1779  }
1780 
1781 
1782  // ... else perform deassignment
1783  foreach ($selected_users as $user)
1784  {
1785  if(!isset($last_role[$user]))
1786  {
1787  $rbacadmin->deassignUser($this->object->getId(), $user);
1788  }
1789  }
1790 
1791  // update object data entry (to update last modification date)
1792  $this->object->update();
1793 
1794  // raise error if last role was taken from a user...
1795  if(count($last_role))
1796  {
1797  $user_list = implode(", ",$last_role);
1798  ilUtil::sendFailure($this->lng->txt('msg_is_last_role').': '.$user_list.'<br />'.$this->lng->txt('msg_min_one_role'),true);
1799  }
1800  else
1801  {
1802  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"), true);
1803  }
1804  $this->ctrl->redirect($this,'userassignment');
1805  }
1806 
1812  function updateObject2()
1813  {
1814  global $rbacsystem, $rbacreview, $rbacadmin, $tree;
1815  require_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
1816  require_once 'classes/class.ilFormat.php';
1817 
1818  // for role administration check write of global role folder
1819  /*
1820  if ($this->rolf_ref_id == ROLE_FOLDER_ID)
1821  {
1822  $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
1823  }
1824  else // for local roles check 'edit permission' of parent object of the local role folder
1825  {
1826  $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
1827  }
1828  */
1829  $access = $this->checkAccess('write','edit_permission');
1830  if (!$access)
1831  {
1832  $this->ilias->raiseError($this->lng->txt("msg_no_perm_modify_role"),$this->ilias->error_obj->MESSAGE);
1833  }
1834 
1835  if (substr($this->object->getTitle(),0,3) != "il_")
1836  {
1837  // check required fields
1838  if (empty($_POST["Fobject"]["title"]))
1839  {
1840  $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"),$this->ilias->error_obj->MESSAGE);
1841  }
1842 
1843  // check if role title has il_ prefix
1844  if (substr($_POST["Fobject"]["title"],0,3) == "il_")
1845  {
1846  $this->ilias->raiseError($this->lng->txt("msg_role_reserved_prefix"),$this->ilias->error_obj->MESSAGE);
1847  }
1848  if (ilDiskQuotaActivationChecker::_isActive())
1849  {
1850  // check if disk quota is empty or is numeric and positive
1851  if (! is_numeric(trim($_POST["Fobject"]["disk_quota"])) ||
1852  trim($_POST["Fobject"]["disk_quota"]) < 0
1853  )
1854  {
1855  $this->ilias->raiseError($this->lng->txt("msg_disk_quota_illegal_value"),$this->ilias->error_obj->MESSAGE);
1856  }
1857  }
1858 
1859 
1860 
1861  // update
1862  $this->object->setTitle(ilUtil::stripSlashes($_POST["Fobject"]["title"]));
1863  $this->object->setDescription(ilUtil::stripSlashes($_POST["Fobject"]["desc"]));
1864  if (ilDiskQuotaActivationChecker::_isActive())
1865  {
1866  $this->object->setDiskQuota($_POST["Fobject"]["disk_quota"] * ilFormat::_getSizeMagnitude() * ilFormat::_getSizeMagnitude());
1867  }
1868  }
1869 
1870 
1871 
1872  // ensure that at least one role is available in the new user register form if registration is enabled
1873  if ($_POST["Fobject"]["allow_register"] == "")
1874  {
1875  $roles_allowed = $this->object->_lookupRegisterAllowed();
1876 
1877  if (count($roles_allowed) == 1 and $roles_allowed[0]['id'] == $this->object->getId())
1878  {
1879  $this->ilias->raiseError($this->lng->txt("msg_last_role_for_registration"),$this->ilias->error_obj->MESSAGE);
1880  }
1881  }
1882 
1883  $this->object->setAllowRegister($_POST["Fobject"]["allow_register"]);
1884  $this->object->toggleAssignUsersStatus($_POST["Fobject"]["assign_users"]);
1885  $rbacadmin->setProtected($this->rolf_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST["Fobject"]["protect_permissions"]));
1886  $this->object->update();
1887 
1888  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
1889 
1890  $this->ctrl->redirect($this,'edit');
1891  }
1892 
1893 
1897  function userassignmentObject()
1898  {
1899  global $rbacreview, $rbacsystem;
1900 
1901  //if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
1902  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1903  {
1904  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1905  }
1906 
1907  $this->tabs_gui->setTabActive('user_assignment');
1908 
1909  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.rbac_ua.html','Services/AccessControl');
1910 
1911  include_once './Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
1912  $tb = new ilToolbarGUI();
1913  $tb->setFormAction($this->ctrl->getFormAction($this));
1914  $tb->addButton(
1915  $this->lng->txt('role_add_user'),
1916  $this->ctrl->getLinkTargetByClass('ilRepositorySearchGUI','start')
1917  );
1918  $tb->addSpacer();
1919  $tb->addButton(
1920  $this->lng->txt('role_mailto'),
1921  $this->ctrl->getLinkTarget($this,'mailToRole')
1922  );
1923  $this->tpl->setVariable('BUTTONS_UA',$tb->getHTML());
1924 
1925  include_once './Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
1926  $ut = new ilAssignedUsersTableGUI($this,'userassignment',$this->object->getId());
1927 
1928  $this->tpl->setVariable('TABLE_UA',$ut->getHTML());
1929 
1930  return true;
1931 
1932  }
1933 
1934  function __showAssignedUsersTable($a_result_set,$a_user_ids = NULL)
1935  {
1936  global $rbacsystem;
1937 
1938  $actions = array("deassignUser" => $this->lng->txt("remove"));
1939 
1940  $tbl =& $this->__initTableGUI();
1941  $tpl =& $tbl->getTemplateObject();
1942 
1943  $this->tpl->addBlockfile("BUTTONS", "buttons", "tpl.buttons.html");
1944 
1945  // display button add user
1946  $this->tpl->setCurrentBlock("btn_cell");
1947  $this->tpl->setVariable("BTN_LINK",$this->ctrl->getLinkTargetByClass('ilRepositorySearchGUI','start'));
1948  $this->tpl->setVariable("BTN_TXT",$this->lng->txt('role_add_user'));
1949  $this->tpl->parseCurrentBlock();
1950 
1951  $this->__showButton('mailToRole',$this->lng->txt('role_mailto'),'_blank');
1952 
1953  $tpl->setCurrentBlock("tbl_form_header");
1954  $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
1955  $tpl->parseCurrentBlock();
1956 
1957  $tpl->setCurrentBlock("tbl_action_row");
1958 
1959  $tpl->setVariable("COLUMN_COUNTS",5);
1960  $tpl->setVariable("IMG_ARROW", ilUtil::getImagePath("arrow_downright.gif"));
1961 
1962  foreach ($actions as $name => $value)
1963  {
1964  $tpl->setCurrentBlock("tbl_action_btn");
1965  $tpl->setVariable("BTN_NAME",$name);
1966  $tpl->setVariable("BTN_VALUE",$value);
1967  $tpl->parseCurrentBlock();
1968  }
1969 
1970  if (!empty($a_user_ids))
1971  {
1972  // set checkbox toggles
1973  $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
1974  $tpl->setVariable("JS_VARNAME","user_id");
1975  $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_user_ids));
1976  $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
1977  $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
1978  $tpl->parseCurrentBlock();
1979  }
1980 
1981  $tpl->setVariable("TPLPATH",$this->tpl->tplPath);
1982  $this->ctrl->setParameter($this,"cmd","userassignment");
1983 
1984  // title & header columns
1985  $tbl->setTitle($this->lng->txt("assigned_users"),"icon_usr.gif",$this->lng->txt("users"));
1986 
1987  //user must be administrator
1988  $tbl->setHeaderNames(array("",$this->lng->txt("username"),$this->lng->txt("firstname"),
1989  $this->lng->txt("lastname"),$this->lng->txt("grp_options")));
1990  $tbl->setHeaderVars(array("","login","firstname","lastname","functions"),
1991  $this->ctrl->getParameterArray($this,"",false));
1992  $tbl->setColumnWidth(array("","20%","25%","25%","30%"));
1993 
1994  $this->__setTableGUIBasicData($tbl,$a_result_set,"userassignment");
1995  $tbl->render();
1996  $this->tpl->setVariable("ADM_CONTENT",$tbl->tpl->get());
1997 
1998  return true;
1999  }
2000 
2001  function &__initTableGUI()
2002  {
2003  include_once "./Services/Table/classes/class.ilTableGUI.php";
2004 
2005  return new ilTableGUI(0,false);
2006  }
2007 
2008  function __setTableGUIBasicData(&$tbl,&$result_set,$from = "")
2009  {
2010  switch($from)
2011  {
2012  case "group":
2013  $order = $_GET["sort_by"] ? $_GET["sort_by"] : "title";
2014  break;
2015 
2016  case "role":
2017  $order = $_GET["sort_by"] ? $_GET["sort_by"] : "title";
2018  break;
2019 
2020  default:
2021  // init sort_by (unfortunatly sort_by is preset with 'title')
2022  if ($_GET["sort_by"] == "title" or empty($_GET["sort_by"]))
2023  {
2024  $_GET["sort_by"] = "login";
2025  }
2026  $order = $_GET["sort_by"];
2027  break;
2028  }
2029 
2030  $tbl->setOrderColumn($order);
2031  $tbl->setOrderDirection($_GET["sort_order"]);
2032  $tbl->setOffset($_GET["offset"]);
2033  $tbl->setLimit($_GET["limit"]);
2034  $tbl->setFooter("tblfooter",$this->lng->txt("previous"),$this->lng->txt("next"));
2035  $tbl->setData($result_set);
2036  }
2037 
2038  function searchUserFormObject()
2039  {
2040  global $rbacsystem;
2041 
2042  //if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
2043  if(!$this->checkAccess('edit_userassignment','edit_permission'))
2044  {
2045  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
2046  }
2047 
2048  $this->lng->loadLanguageModule('search');
2049 
2050  $this->tpl->addBlockFile("ADM_CONTENT","adm_content","tpl.role_users_search.html");
2051 
2052  $this->tpl->setVariable("F_ACTION",$this->ctrl->getFormAction($this));
2053  $this->tpl->setVariable("SEARCH_ASSIGN_USR",$this->lng->txt("role_search_users"));
2054  $this->tpl->setVariable("SEARCH_SEARCH_TERM",$this->lng->txt("search_search_term"));
2055  $this->tpl->setVariable("SEARCH_VALUE",$_SESSION["role_search_str"] ? $_SESSION["role_search_str"] : "");
2056  $this->tpl->setVariable("SEARCH_FOR",$this->lng->txt("exc_search_for"));
2057  $this->tpl->setVariable("SEARCH_ROW_TXT_USER",$this->lng->txt("exc_users"));
2058  $this->tpl->setVariable("SEARCH_ROW_TXT_ROLE",$this->lng->txt("exc_roles"));
2059  $this->tpl->setVariable("SEARCH_ROW_TXT_GROUP",$this->lng->txt("exc_groups"));
2060  $this->tpl->setVariable("BTN2_VALUE",$this->lng->txt("cancel"));
2061  $this->tpl->setVariable("BTN1_VALUE",$this->lng->txt("search"));
2062 
2063  $usr = ($_POST["search_for"] == "usr" || $_POST["search_for"] == "") ? 1 : 0;
2064  $grp = ($_POST["search_for"] == "grp") ? 1 : 0;
2065  $role = ($_POST["search_for"] == "role") ? 1 : 0;
2066 
2067  $this->tpl->setVariable("SEARCH_ROW_CHECK_USER",ilUtil::formRadioButton($usr,"search_for","usr"));
2068  $this->tpl->setVariable("SEARCH_ROW_CHECK_ROLE",ilUtil::formRadioButton($role,"search_for","role"));
2069  $this->tpl->setVariable("SEARCH_ROW_CHECK_GROUP",ilUtil::formRadioButton($grp,"search_for","grp"));
2070 
2071  $this->__unsetSessionVariables();
2072  }
2073 
2074  function __unsetSessionVariables()
2075  {
2076  unset($_SESSION["role_delete_member_ids"]);
2077  unset($_SESSION["role_delete_subscriber_ids"]);
2078  unset($_SESSION["role_search_str"]);
2079  unset($_SESSION["role_search_for"]);
2080  unset($_SESSION["role_role"]);
2081  unset($_SESSION["role_group"]);
2082  unset($_SESSION["role_archives"]);
2083  }
2084 
2089  function cancelObject()
2090  {
2091  if ($_GET["new_type"] != "role")
2092  {
2093  $this->ctrl->redirect($this, "userassignment");
2094  }
2095  else
2096  {
2097  $this->ctrl->redirectByClass("ilobjrolefoldergui","view");
2098  }
2099  }
2100 
2101  function searchObject()
2102  {
2103  global $rbacsystem, $tree;
2104 
2105  #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
2106  if(!$this->checkAccess('edit_userassignment','edit_permission'))
2107  {
2108  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
2109  }
2110 
2111  $_SESSION["role_search_str"] = $_POST["search_str"] = $_POST["search_str"] ? $_POST["search_str"] : $_SESSION["role_search_str"];
2112  $_SESSION["role_search_for"] = $_POST["search_for"] = $_POST["search_for"] ? $_POST["search_for"] : $_SESSION["role_search_for"];
2113 
2114  if (!isset($_POST["search_for"]) or !isset($_POST["search_str"]))
2115  {
2116  ilUtil::sendFailure($this->lng->txt("role_search_enter_search_string"));
2117  $this->searchUserFormObject();
2118 
2119  return false;
2120  }
2121 
2122  if (!count($result = $this->__search(ilUtil::stripSlashes($_POST["search_str"]),$_POST["search_for"])))
2123  {
2124  ilUtil::sendInfo($this->lng->txt("role_no_results_found"));
2125  $this->searchUserFormObject();
2126 
2127  return false;
2128  }
2129 
2130  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
2131  $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
2132 
2133  $counter = 0;
2134  $f_result = array();
2135 
2136  switch($_POST["search_for"])
2137  {
2138  case "usr":
2139  foreach($result as $user)
2140  {
2141  if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user["id"],false))
2142  {
2143  continue;
2144  }
2145 
2146  $user_ids[$counter] = $user["id"];
2147 
2148  $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user["id"]);
2149  $f_result[$counter][] = $tmp_obj->getLogin();
2150  $f_result[$counter][] = $tmp_obj->getFirstname();
2151  $f_result[$counter][] = $tmp_obj->getLastname();
2152 
2153  unset($tmp_obj);
2154  ++$counter;
2155  }
2156  $this->__showSearchUserTable($f_result,$user_ids);
2157 
2158  return true;
2159 
2160  case "role":
2161  foreach($result as $role)
2162  {
2163  // exclude anonymous role
2164  if ($role["id"] == ANONYMOUS_ROLE_ID)
2165  {
2166  continue;
2167  }
2168 
2169  if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($role["id"],false))
2170  {
2171  continue;
2172  }
2173 
2174  // exclude roles with no users assigned to
2175  if ($tmp_obj->getCountMembers() == 0)
2176  {
2177  continue;
2178  }
2179 
2180  $role_ids[$counter] = $role["id"];
2181 
2182  $f_result[$counter][] = ilUtil::formCheckbox(0,"role[]",$role["id"]);
2183  $f_result[$counter][] = array($tmp_obj->getTitle(),$tmp_obj->getDescription());
2184  $f_result[$counter][] = $tmp_obj->getCountMembers();
2185 
2186  unset($tmp_obj);
2187  ++$counter;
2188  }
2189 
2190  $this->__showSearchRoleTable($f_result,$role_ids);
2191 
2192  return true;
2193 
2194  case "grp":
2195  foreach($result as $group)
2196  {
2197  if(!$tree->isInTree($group["id"]))
2198  {
2199  continue;
2200  }
2201 
2202  if(!$tmp_obj = ilObjectFactory::getInstanceByRefId($group["id"],false))
2203  {
2204  continue;
2205  }
2206 
2207  // exclude myself :-)
2208  if ($tmp_obj->getId() == $this->object->getId())
2209  {
2210  continue;
2211  }
2212 
2213  $grp_ids[$counter] = $group["id"];
2214 
2215  $f_result[$counter][] = ilUtil::formCheckbox(0,"group[]",$group["id"]);
2216  $f_result[$counter][] = array($tmp_obj->getTitle(),$tmp_obj->getDescription());
2217  $f_result[$counter][] = $tmp_obj->getCountMembers();
2218 
2219  unset($tmp_obj);
2220  ++$counter;
2221  }
2222  $this->__showSearchGroupTable($f_result,$grp_ids);
2223 
2224  return true;
2225  }
2226  }
2227 
2228  function __search($a_search_string,$a_search_for)
2229  {
2230  include_once("./classes/class.ilSearch.php");
2231 
2232  $this->lng->loadLanguageModule("content");
2233  $search =& new ilSearch($_SESSION["AccountId"]);
2234  $search->setPerformUpdate(false);
2235  $search->setSearchString(ilUtil::stripSlashes($a_search_string));
2236  $search->setCombination("and");
2237  $search->setSearchFor(array(0 => $a_search_for));
2238  $search->setSearchType('new');
2239 
2240  if ($search->validate($message))
2241  {
2242  $search->performSearch();
2243  }
2244  else
2245  {
2246  ilUtil::sendInfo($message,true);
2247  $this->ctrl->redirect($this,"searchUserForm");
2248  }
2249 
2250  return $search->getResultByType($a_search_for);
2251  }
2252 
2253  function __showSearchUserTable($a_result_set,$a_user_ids = NULL,$a_cmd = "search")
2254  {
2255  $return_to = "searchUserForm";
2256 
2257  if ($a_cmd == "listUsersRole" or $a_cmd == "listUsersGroup")
2258  {
2259  $return_to = "search";
2260  }
2261 
2262  $tbl =& $this->__initTableGUI();
2263  $tpl =& $tbl->getTemplateObject();
2264 
2265  // SET FORMACTION
2266  $tpl->setCurrentBlock("tbl_form_header");
2267  $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
2268  $tpl->parseCurrentBlock();
2269 
2270  $tpl->setCurrentBlock("tbl_action_btn");
2271  $tpl->setVariable("BTN_NAME",$return_to);
2272  $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
2273  $tpl->parseCurrentBlock();
2274 
2275  $tpl->setCurrentBlock("tbl_action_btn");
2276  $tpl->setVariable("BTN_NAME","assignUser");
2277  $tpl->setVariable("BTN_VALUE",$this->lng->txt("add"));
2278  $tpl->parseCurrentBlock();
2279 
2280  if (!empty($a_user_ids))
2281  {
2282  // set checkbox toggles
2283  $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
2284  $tpl->setVariable("JS_VARNAME","user");
2285  $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_user_ids));
2286  $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
2287  $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
2288  $tpl->parseCurrentBlock();
2289  }
2290 
2291  $tpl->setCurrentBlock("tbl_action_row");
2292  $tpl->setVariable("COLUMN_COUNTS",4);
2293  $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
2294  $tpl->parseCurrentBlock();
2295 
2296  $tbl->setTitle($this->lng->txt("role_header_edit_users"),"icon_usr.gif",$this->lng->txt("role_header_edit_users"));
2297  $tbl->setHeaderNames(array("",
2298  $this->lng->txt("username"),
2299  $this->lng->txt("firstname"),
2300  $this->lng->txt("lastname")));
2301  $tbl->setHeaderVars(array("",
2302  "login",
2303  "firstname",
2304  "lastname"),
2305  $this->ctrl->getParameterArray($this,$a_cmd,false));
2306  //array("ref_id" => $this->rolf_ref_id,
2307  // "obj_id" => $this->object->getId(),
2308  // "cmd" => $a_cmd,
2309  //"cmdClass" => "ilobjrolegui",
2310  // "cmdNode" => $_GET["cmdNode"]));
2311 
2312  $tbl->setColumnWidth(array("","33%","33%","33%"));
2313 
2314  $this->__setTableGUIBasicData($tbl,$a_result_set);
2315  $tbl->render();
2316 
2317  $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
2318 
2319  return true;
2320  }
2321 
2322  function __showSearchRoleTable($a_result_set,$a_role_ids = NULL)
2323  {
2324  $tbl =& $this->__initTableGUI();
2325  $tpl =& $tbl->getTemplateObject();
2326 
2327  $tpl->setCurrentBlock("tbl_form_header");
2328  $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
2329  $tpl->parseCurrentBlock();
2330 
2331  $tpl->setCurrentBlock("tbl_action_btn");
2332  $tpl->setVariable("BTN_NAME","searchUserForm");
2333  $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
2334  $tpl->parseCurrentBlock();
2335 
2336  $tpl->setCurrentBlock("tbl_action_btn");
2337  $tpl->setVariable("BTN_NAME","listUsersRole");
2338  $tpl->setVariable("BTN_VALUE",$this->lng->txt("role_list_users"));
2339  $tpl->parseCurrentBlock();
2340 
2341  if (!empty($a_role_ids))
2342  {
2343  // set checkbox toggles
2344  $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
2345  $tpl->setVariable("JS_VARNAME","role");
2346  $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_role_ids));
2347  $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
2348  $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
2349  $tpl->parseCurrentBlock();
2350  }
2351 
2352  $tpl->setCurrentBlock("tbl_action_row");
2353  $tpl->setVariable("COLUMN_COUNTS",4);
2354  $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
2355  $tpl->parseCurrentBlock();
2356 
2357  $tbl->setTitle($this->lng->txt("role_header_edit_users"),"icon_usr.gif",$this->lng->txt("role_header_edit_users"));
2358  $tbl->setHeaderNames(array("",
2359  $this->lng->txt("obj_role"),
2360  $this->lng->txt("role_count_users")));
2361  $tbl->setHeaderVars(array("",
2362  "title",
2363  "nr_members"),
2364  $this->ctrl->getParameterArray($this,"search",false));
2365  //array("ref_id" => $this->rolf_ref_id,
2366  //"obj_id" => $this->object->getId(),
2367  //"cmd" => "search",
2368  //"cmdClass" => "ilobjrolegui",
2369  //"cmdNode" => $_GET["cmdNode"]));
2370 
2371  $tbl->setColumnWidth(array("","80%","19%"));
2372 
2373 
2374  $this->__setTableGUIBasicData($tbl,$a_result_set,"role");
2375  $tbl->render();
2376 
2377  $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
2378 
2379  return true;
2380  }
2381 
2382  function __showSearchGroupTable($a_result_set,$a_grp_ids = NULL)
2383  {
2384  $tbl =& $this->__initTableGUI();
2385  $tpl =& $tbl->getTemplateObject();
2386 
2387  $tpl->setCurrentBlock("tbl_form_header");
2388  $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
2389  $tpl->parseCurrentBlock();
2390 
2391  $tpl->setCurrentBlock("tbl_action_btn");
2392  $tpl->setVariable("BTN_NAME","searchUserForm");
2393  $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
2394  $tpl->parseCurrentBlock();
2395 
2396  $tpl->setCurrentBlock("tbl_action_btn");
2397  $tpl->setVariable("BTN_NAME","listUsersGroup");
2398  $tpl->setVariable("BTN_VALUE",$this->lng->txt("grp_list_users"));
2399  $tpl->parseCurrentBlock();
2400 
2401  if (!empty($a_grp_ids))
2402  {
2403  // set checkbox toggles
2404  $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
2405  $tpl->setVariable("JS_VARNAME","group");
2406  $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_grp_ids));
2407  $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
2408  $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
2409  $tpl->parseCurrentBlock();
2410  }
2411 
2412  $tpl->setCurrentBlock("tbl_action_row");
2413  $tpl->setVariable("COLUMN_COUNTS",4);
2414  $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
2415  $tpl->parseCurrentBlock();
2416 
2417  $tbl->setTitle($this->lng->txt("grp_header_edit_members"),"icon_usr.gif",$this->lng->txt("grp_header_edit_members"));
2418  $tbl->setHeaderNames(array("",
2419  $this->lng->txt("obj_grp"),
2420  $this->lng->txt("grp_count_members")));
2421  $tbl->setHeaderVars(array("",
2422  "title",
2423  "nr_members"),
2424  array("ref_id" => $this->rolf_ref_id,
2425  "obj_id" => $this->object->getId(),
2426  "cmd" => "search",
2427  "cmdClass" => "ilobjrolegui",
2428  "cmdNode" => $_GET["cmdNode"]));
2429 
2430  $tbl->setColumnWidth(array("","80%","19%"));
2431 
2432 
2433  $this->__setTableGUIBasicData($tbl,$a_result_set,"group");
2434  $tbl->render();
2435 
2436  $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
2437 
2438  return true;
2439  }
2440 
2441  function listUsersRoleObject()
2442  {
2443  global $rbacsystem,$rbacreview;
2444 
2445  $_SESSION["role_role"] = $_POST["role"] = $_POST["role"] ? $_POST["role"] : $_SESSION["role_role"];
2446 
2447  if (!is_array($_POST["role"]))
2448  {
2449  ilUtil::sendFailure($this->lng->txt("role_no_roles_selected"));
2450  $this->searchObject();
2451 
2452  return false;
2453  }
2454 
2455  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
2456  $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
2457 
2458  // GET ALL MEMBERS
2459  $members = array();
2460 
2461  foreach ($_POST["role"] as $role_id)
2462  {
2463  $members = array_merge($rbacreview->assignedUsers($role_id),$members);
2464  }
2465 
2466  $members = array_unique($members);
2467 
2468  // FORMAT USER DATA
2469  $counter = 0;
2470  $f_result = array();
2471 
2472  foreach($members as $user)
2473  {
2474  if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
2475  {
2476  continue;
2477  }
2478 
2479  $user_ids[$counter] = $user;
2480 
2481  // TODO: exclude anonymous user
2482  $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
2483  $f_result[$counter][] = $tmp_obj->getLogin();
2484  $f_result[$counter][] = $tmp_obj->getFirstname();
2485  $f_result[$counter][] = $tmp_obj->getLastname();
2486 
2487  unset($tmp_obj);
2488  ++$counter;
2489  }
2490 
2491  $this->__showSearchUserTable($f_result,$user_ids,"listUsersRole");
2492 
2493  return true;
2494  }
2495 
2496  function listUsersGroupObject()
2497  {
2498  global $rbacsystem,$rbacreview,$tree;
2499 
2500  $_SESSION["role_group"] = $_POST["group"] = $_POST["group"] ? $_POST["group"] : $_SESSION["role_group"];
2501 
2502  if (!is_array($_POST["group"]))
2503  {
2504  ilUtil::sendFailure($this->lng->txt("role_no_groups_selected"));
2505  $this->searchObject();
2506 
2507  return false;
2508  }
2509 
2510  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
2511  $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
2512 
2513  // GET ALL MEMBERS
2514  $members = array();
2515 
2516  foreach ($_POST["group"] as $group_id)
2517  {
2518  if (!$tree->isInTree($group_id))
2519  {
2520  continue;
2521  }
2522  if (!$tmp_obj = ilObjectFactory::getInstanceByRefId($group_id))
2523  {
2524  continue;
2525  }
2526 
2527  $members = array_merge($tmp_obj->getGroupMemberIds(),$members);
2528 
2529  unset($tmp_obj);
2530  }
2531 
2532  $members = array_unique($members);
2533 
2534  // FORMAT USER DATA
2535  $counter = 0;
2536  $f_result = array();
2537 
2538  foreach($members as $user)
2539  {
2540  if (!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
2541  {
2542  continue;
2543  }
2544 
2545  $user_ids[$counter] = $user;
2546 
2547  $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
2548  $f_result[$counter][] = $tmp_obj->getLogin();
2549  $f_result[$counter][] = $tmp_obj->getFirstname();
2550  $f_result[$counter][] = $tmp_obj->getLastname();
2551 
2552  unset($tmp_obj);
2553  ++$counter;
2554  }
2555 
2556  $this->__showSearchUserTable($f_result,$user_ids,"listUsersGroup");
2557 
2558  return true;
2559  }
2560 
2561 
2562  function __formatPath($a_path_arr)
2563  {
2564  $counter = 0;
2565 
2566  foreach ($a_path_arr as $data)
2567  {
2568  if ($counter++)
2569  {
2570  $path .= " -> ";
2571  }
2572 
2573  $path .= $data['title'];
2574  }
2575 
2576  if (strlen($path) > 50)
2577  {
2578  return '...'.substr($path,-50);
2579  }
2580 
2581  return $path;
2582  }
2583 
2584  function __prepareOutput()
2585  {
2586  // output objects
2587  //$this->tpl->addBlockFile("CONTENT", "content", "tpl.role.html");
2588  $this->tpl->addBlockFile("CONTENT", "content", "tpl.adm_content.html");
2589  $this->tpl->addBlockFile("STATUSLINE", "statusline", "tpl.statusline.html");
2590 
2591  // output locator
2592  //$this->__setLocator();
2593 
2594  // output message
2595  if ($this->message)
2596  {
2597  ilUtil::sendInfo($this->message);
2598  }
2599 
2600  // display infopanel if something happened
2601  ilUtil::infoPanel();
2602 
2603  // set header
2604  $this->__setHeader();
2605  }
2606 
2607  function __setHeader()
2608  {
2609  include_once './classes/class.ilTabsGUI.php';
2610 
2611  $this->tpl->setTitle($this->lng->txt('role'));
2612  $this->tpl->setDescription($this->object->getTitle());
2613  $this->tpl->setTitleIcon(ilUtil::getImagePath("icon_role.gif"));
2614 
2615  #$tabs_gui =& new ilTabsGUI();
2616  $this->getTabs($this->tabs_gui);
2617 
2618  // output tabs
2619  #$this->tpl->setVariable("TABS", $tabs_gui->getHTML());
2620  }
2621 
2622  function __setLocator()
2623  {
2624  global $tree, $ilias_locator;
2625 
2626  return;
2627 
2628  $this->tpl->addBlockFile("LOCATOR", "locator", "tpl.locator.html", "Services/Locator");
2629 
2630  $counter = 0;
2631 
2632  foreach ($tree->getPathFull($this->rolf_ref_id) as $key => $row)
2633  {
2634  if ($counter++)
2635  {
2636  $this->tpl->touchBlock('locator_separator_prefix');
2637  }
2638 
2639  $this->tpl->setCurrentBlock("locator_item");
2640 
2641  if ($row["type"] == 'rolf')
2642  {
2643  $this->tpl->setVariable("ITEM",$this->object->getTitle());
2644  $this->tpl->setVariable("LINK_ITEM",$this->ctrl->getLinkTarget($this));
2645  }
2646  elseif ($row["child"] != $tree->getRootId())
2647  {
2648  $this->tpl->setVariable("ITEM", $row["title"]);
2649  $this->tpl->setVariable("LINK_ITEM","repository.php?ref_id=".$row["child"]);
2650  }
2651  else
2652  {
2653  $this->tpl->setVariable("ITEM", $this->lng->txt("repository"));
2654  $this->tpl->setVariable("LINK_ITEM","repository.php?ref_id=".$row["child"]);
2655  }
2656 
2657  $this->tpl->parseCurrentBlock();
2658  }
2659 
2660  $this->tpl->setVariable("TXT_LOCATOR",$this->lng->txt("locator"));
2661  $this->tpl->parseCurrentBlock();
2662  }
2663 
2668  function addAdminLocatorItems()
2669  {
2670  global $ilLocator;
2671 
2672  if ($_GET["admin_mode"] == "settings"
2673  && $_GET["ref_id"] == ROLE_FOLDER_ID) // system settings
2674  {
2675  $ilLocator->addItem($this->lng->txt("administration"),
2676  $this->ctrl->getLinkTargetByClass("iladministrationgui", "frameset"),
2677  ilFrameTargetInfo::_getFrame("MainContent"));
2678 
2679  $ilLocator->addItem($this->lng->txt("obj_".ilObject::_lookupType(
2680  ilObject::_lookupObjId($_GET["ref_id"]))),
2681  $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
2682 
2683  if ($_GET["obj_id"] > 0)
2684  {
2685  $ilLocator->addItem($this->object->getTitle(),
2686  $this->ctrl->getLinkTarget($this, "view"));
2687  }
2688  }
2689  else // repository administration
2690  {
2691  // ?
2692  }
2693  }
2694 
2695  function showUpperIcon()
2696  {
2697  global $tree, $tpl, $objDefinition;
2698 
2699  return parent::showUpperIcon();
2700 
2701  if (strtolower($_GET["baseClass"]) == "iladministrationgui")
2702  {
2703  if ($_GET["admin_mode"] == "settings"
2704  && $_GET["ref_id"] != SYSTEM_FOLDER_ID)
2705  {
2706  $tpl->setUpperIcon(
2707  $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
2708  }
2709  }
2710  else
2711  {
2712  if ($this->object->getRefId() != ROOT_FOLDER_ID &&
2713  $this->object->getRefId() != SYSTEM_FOLDER_ID)
2714  {
2715  $par_id = $tree->getParentId($this->object->getRefId());
2716  $tpl->setUpperIcon("repository.php?ref_id=".$par_id);
2717  }
2718  }
2719  }
2720 
2721 
2722 
2723  function getTabs(&$tabs_gui)
2724  {
2725  global $rbacsystem,$rbacreview;
2726 
2727  $base_role_folder = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
2728 
2729 //var_dump($base_role_folder);
2730 //echo "-".$this->rolf_ref_id."-";
2731 
2732  $activate_role_edit = false;
2733 
2734  // todo: activate the following (allow editing of local roles in
2735  // roles administration)
2736  //if (in_array($this->rolf_ref_id,$base_role_folder))
2737  if (in_array($this->rolf_ref_id,$base_role_folder) ||
2738  (strtolower($_GET["baseClass"]) == "iladministrationgui" &&
2739  $_GET["admin_mode"] == "settings"))
2740  {
2741  $activate_role_edit = true;
2742  }
2743 
2744  // not so nice (workaround for using tabs in repository)
2745  $tabs_gui->clearTargets();
2746 
2747  if ($this->back_target != "")
2748  {
2749  $tabs_gui->setBackTarget(
2750  $this->back_target["text"],$this->back_target["link"]);
2751  }
2752 
2753  if($this->checkAccess('write','edit_permission') && $activate_role_edit)
2754  {
2755  $tabs_gui->addTarget("edit_properties",
2756  $this->ctrl->getLinkTarget($this, "edit"), array("edit","update"), get_class($this));
2757  }
2758 /*
2759  if($this->checkAccess('write','edit_permission') and $this->showDefaultPermissionSettings())
2760  {
2761  $force_active = ($_GET["cmd"] == "perm" || $_GET["cmd"] == "")
2762  ? true
2763  : false;
2764  $tabs_gui->addTarget("default_perm_settings",
2765  $this->ctrl->getLinkTarget($this, "perm"), array("perm", "adoptPermSave", "permSave"),
2766  get_class($this),
2767  "", $force_active);
2768  }
2769 */
2770  if($this->checkAccess('write','edit_permission') and $this->showDefaultPermissionSettings())
2771  {
2772  $tabs_gui->addTarget(
2773  "default_perm_settings",
2774  $this->ctrl->getLinkTarget($this, "perm"), array(),get_class($this)
2775  );
2776  }
2777 
2778  if($this->checkAccess('write','edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
2779  {
2780  $tabs_gui->addTarget("user_assignment",
2781  $this->ctrl->getLinkTarget($this, "userassignment"),
2782  array("deassignUser", "userassignment", "assignUser", "searchUserForm", "search"),
2783  get_class($this));
2784  }
2785 
2786  if($this->checkAccess('write','edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
2787  {
2788  $tabs_gui->addTarget("desktop_items",
2789  $this->ctrl->getLinkTarget($this, "listDesktopItems"),
2790  array("listDesktopItems", "deleteDesktopItems", "selectDesktopItem", "askDeleteDesktopItem"),
2791  get_class($this));
2792  }
2793  }
2794 
2795  function mailToRoleObject()
2796  {
2797  global $rbacreview;
2798 
2799  $obj_ids = ilObject::_getIdsForTitle($this->object->getTitle(), $this->object->getType());
2800  if(count($obj_ids) > 1)
2801  {
2802  $_SESSION['mail_roles'][] = '#il_role_'.$this->object->getId();
2803  }
2804  else
2805  {
2806  $_SESSION['mail_roles'][] = $rbacreview->getRoleMailboxAddress($this->object->getId());
2807  }
2808 
2809  require_once 'Services/Mail/classes/class.ilMailFormCall.php';
2810  $script = ilMailFormCall::_getRedirectTarget($this, 'userassignment', array(), array('type' => 'role'));
2811  ilUtil::redirect($script);
2812  }
2813 
2814  function checkAccess($a_perm_global,$a_perm_obj = '')
2815  {
2816  global $rbacsystem,$ilAccess;
2817 
2818  $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
2819 
2820  if($this->rolf_ref_id == ROLE_FOLDER_ID)
2821  {
2822  return $rbacsystem->checkAccess($a_perm_global,$this->rolf_ref_id);
2823  }
2824  else
2825  {
2826  return $ilAccess->checkAccess($a_perm_obj,'',$this->obj_ref_id);
2827  }
2828  }
2829 
2834  protected function isChangeExistingObjectsConfirmationRequired()
2835  {
2836  global $rbacreview;
2837 
2838  if(!(int) $_POST['recursive'] and !is_array($_POST['recursive_list']))
2839  {
2840  return false;
2841  }
2842 
2843  // Role is protected
2844  if($rbacreview->isProtected($this->rolf_ref_id, $this->object->getId()))
2845  {
2846  // TODO: check if recursive_list is enabled
2847  // and if yes: check if inheritance is broken for the relevant object types
2848  return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
2849  }
2850  else
2851  {
2852  // TODO: check if recursive_list is enabled
2853  // and if yes: check if inheritance is broken for the relevant object types
2854  return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
2855  }
2856  }
2857 
2862  protected function showChangeExistingObjectsConfirmation()
2863  {
2864  $protected = $_POST['protected'];
2865 
2866  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
2867  $form = new ilPropertyFormGUI();
2868  $form->setFormAction($this->ctrl->getFormAction($this,'changeExistingObjects'));
2869  $form->setTitle($this->lng->txt('rbac_change_existing_confirm_tbl'));
2870 
2871  $form->addCommandButton('changeExistingObjects', $this->lng->txt('change_existing_objects'));
2872  $form->addCommandButton('perm',$this->lng->txt('cancel'));
2873 
2874  $hidden = new ilHiddenInputGUI('type_filter');
2875  $hidden->setValue(
2876  $_POST['recursive'] ?
2877  serialize(array('all')) :
2878  serialize($_POST['recursive_list'])
2879  );
2880  $form->addItem($hidden);
2881 
2882  $rad = new ilRadioGroupInputGUI($this->lng->txt('rbac_local_policies'),'mode');
2883 
2884  if($protected)
2885  {
2886  $rad->setValue(ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES);
2887  $keep = new ilRadioOption(
2888  $this->lng->txt('rbac_keep_local_policies'),
2889  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
2890  $this->lng->txt('rbac_keep_local_policies_info')
2891  );
2892  }
2893  else
2894  {
2895  $rad->setValue(ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES);
2896  $keep = new ilRadioOption(
2897  $this->lng->txt('rbac_keep_local_policies'),
2898  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
2899  $this->lng->txt('rbac_unprotected_keep_local_policies_info')
2900  );
2901 
2902  }
2903  $rad->addOption($keep);
2904 
2905  if($protected)
2906  {
2907  $del = new ilRadioOption(
2908  $this->lng->txt('rbac_delete_local_policies'),
2909  ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES,
2910  $this->lng->txt('rbac_delete_local_policies_info')
2911  );
2912  }
2913  else
2914  {
2915  $del = new ilRadioOption(
2916  $this->lng->txt('rbac_delete_local_policies'),
2917  ilObjRole::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES,
2918  $this->lng->txt('rbac_unprotected_delete_local_policies_info')
2919  );
2920  }
2921  $rad->addOption($del);
2922 
2923  $form->addItem($rad);
2924  $this->tpl->setContent($form->getHTML());
2925  }
2926 
2931  protected function changeExistingObjectsObject()
2932  {
2933  global $tree,$rbacreview,$rbacadmin;
2934 
2935  $mode = (int) $_POST['mode'];
2936  $start = ($this->rolf_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $tree->getParentId($this->rolf_ref_id));
2937  $this->object->changeExistingObjects($start,$mode,unserialize(ilUtil::stripSlashes($_POST['type_filter'])));
2938 
2939  ilUtil::sendSuccess($this->lng->txt('settings_saved'),true);
2940  $this->ctrl->redirect($this,'perm');
2941  }
2942 
2948  protected function setSubTabs($a_tab)
2949  {
2950  global $ilTabs;
2951 
2952  switch($a_tab)
2953  {
2954  case 'default_perm_settings':
2955  if($this->rolf_ref_id != ROLE_FOLDER_ID)
2956  {
2957  return true;
2958  }
2959  $ilTabs->addSubTabTarget(
2960  'rbac_repository_permissions',
2961  $this->ctrl->getLinkTarget($this,'perm')
2962  );
2963  $ilTabs->addSubTabTarget(
2964  'rbac_admin_permissions',
2965  $this->ctrl->getLinkTarget($this,'adminPerm')
2966  );
2967  }
2968  return true;
2969  }
2970 
2971 
2972 } // END class.ilObjRoleGUI
2973 ?>