ILIAS  Release_4_2_x_branch Revision 61807
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilObjRoleGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 include_once "./classes/class.ilObjectGUI.php";
5 include_once './Services/AccessControl/classes/class.ilObjRole.php';
6 
19 class ilObjRoleGUI extends ilObjectGUI
20 {
21  const MODE_GLOBAL_UPDATE = 1;
22  const MODE_GLOBAL_CREATE = 2;
23  const MODE_LOCAL_UPDATE = 3;
24  const MODE_LOCAL_CREATE = 4;
25 
31  var $type;
32 
38  var $rolf_ref_id;
39 
40  protected $obj_ref_id = 0;
41  protected $obj_obj_id = 0;
42  protected $obj_obj_type = '';
43  protected $container_type = '';
44 
45 
46  var $ctrl;
47 
52  function __construct($a_data,$a_id,$a_call_by_reference = false,$a_prepare_output = true)
53  {
54  global $tree,$lng;
55 
56  $lng->loadLanguageModule('rbac');
57 
58  //TODO: move this to class.ilias.php
59  define("USER_FOLDER_ID",7);
60 
61  if($_GET['rolf_ref_id'] != '')
62  {
63  $this->rolf_ref_id = $_GET['rolf_ref_id'];
64  }
65  else
66  {
67  $this->rolf_ref_id = $_GET['ref_id'];
68  }
69  // Add ref_id of object that contains this role folder
70  $this->obj_ref_id = $tree->getParentId($this->rolf_ref_id);
71  $this->obj_obj_id = ilObject::_lookupObjId($this->getParentRefId());
72  $this->obj_obj_type = ilObject::_lookupType($this->getParentObjId());
73 
74  $this->container_type = ilObject::_lookupType(ilObject::_lookupObjId($this->obj_ref_id));
75 
76  $this->type = "role";
77  $this->ilObjectGUI($a_data,$a_id,$a_call_by_reference,false);
78  $this->ctrl->saveParameter($this, array("obj_id", "rolf_ref_id"));
79  }
80 
81 
82  function &executeCommand()
83  {
84  global $rbacsystem;
85 
86  $this->prepareOutput();
87 
88  $next_class = $this->ctrl->getNextClass($this);
89  $cmd = $this->ctrl->getCmd();
90 
91  switch($next_class)
92  {
93  case 'ilrepositorysearchgui':
94  include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
95  $rep_search =& new ilRepositorySearchGUI();
96  $rep_search->setTitle($this->lng->txt('role_add_user'));
97  $rep_search->setCallback($this,'addUserObject');
98 
99  // Set tabs
100  $this->tabs_gui->setTabActive('user_assignment');
101  $this->ctrl->setReturn($this,'userassignment');
102  $ret =& $this->ctrl->forwardCommand($rep_search);
103  break;
104 
105  default:
106  if(!$cmd)
107  {
108  if($this->showDefaultPermissionSettings())
109  {
110  $cmd = "perm";
111  }
112  else
113  {
114  $cmd = 'userassignment';
115  }
116  }
117  $cmd .= "Object";
118  $this->$cmd();
119 
120  break;
121  }
122 
123  return true;
124  }
125 
130  public function getParentRefId()
131  {
132  return $this->obj_ref_id;
133  }
134 
139  public function getParentObjId()
140  {
141  return $this->obj_obj_id;
142  }
143 
148  public function getParentType()
149  {
150  return $this->obj_obj_type;
151  }
152 
156  function setBackTarget($a_text, $a_link)
157  {
158  $this->back_target = array("text" => $a_text,
159  "link" => $a_link);
160  }
161 
162  public function getBackTarget()
163  {
164  return $this->back_target ? $this->back_target : array();
165  }
166 
170  function getAdminTabs(&$tabs_gui)
171  {
172  $this->getTabs($tabs_gui);
173  }
174 
179  protected function getContainerType()
180  {
181  return $this->container_type;
182  }
183 
188  protected function showDefaultPermissionSettings()
189  {
190  global $objDefinition;
191 
192  return $objDefinition->isContainer($this->getContainerType());
193  }
194 
195 
196  function listDesktopItemsObject()
197  {
198  global $rbacsystem,$rbacreview,$tree;
199 
200 
201  #if(!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
202  /*
203  if(!$this->checkAccess('edit_permission'))
204  {
205  ilUtil::sendFailure()
206  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
207  }
208  */
209  if(!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
210  $this->rolf_ref_id != ROLE_FOLDER_ID)
211  {
212  ilUtil::sendInfo($this->lng->txt('role_no_users_no_desk_items'));
213  return true;
214  }
215 
216 
217  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
218  $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
219 
220  if($rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
221  {
222  $this->__showButton('selectDesktopItem',$this->lng->txt('role_desk_add'));
223  }
224  if(!count($items = $role_desk_item_obj->getAll()))
225  {
226  ilUtil::sendInfo($this->lng->txt('role_desk_none_created'));
227  return true;
228  }
229  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_list.html");
230  $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
231  $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.gif'));
232  $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
233  $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
234  $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
235  $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
236  $this->tpl->setVariable("IMG_ARROW",ilUtil::getImagePath('arrow_downright.gif'));
237 
238  $counter = 0;
239 
240  foreach($items as $role_item_id => $item)
241  {
242  $tmp_obj = ilObjectFactory::getInstanceByRefId($item['item_id']);
243 
244  if(strlen($desc = $tmp_obj->getDescription()))
245  {
246  $this->tpl->setCurrentBlock("description");
247  $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
248  $this->tpl->parseCurrentBlock();
249  }
250  $this->tpl->setCurrentBlock("desk_row");
251  $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
252  $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
253  $this->tpl->setVariable("CHECK_DESK",ilUtil::formCheckBox(0,'del_desk_item[]',$role_item_id));
254  $this->tpl->setVariable("TXT_PATH",$this->lng->txt('path').':');
255  $this->tpl->setVariable("PATH",$this->__formatPath($tree->getPathFull($item['item_id'])));
256  $this->tpl->parseCurrentBlock();
257  }
258 
259  return true;
260  }
261 
262  function askDeleteDesktopItemObject()
263  {
264  global $rbacsystem;
265 
266 
267  #if(!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
268  if(!$this->checkAccess('edit_permission'))
269  {
270  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
271  }
272  if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
273  {
274  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
275  }
276  if(!count($_POST['del_desk_item']))
277  {
278  ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
279 
280  $this->listDesktopItemsObject();
281 
282  return true;
283  }
284  ilUtil::sendQuestion($this->lng->txt('role_sure_delete_desk_items'));
285 
286  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_ask_delete_desktop_item.html");
287  $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
288  $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.gif'));
289  $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
290  $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
291  $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
292  $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
293  $this->tpl->setVariable("BTN_CANCEL",$this->lng->txt('cancel'));
294 
295  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
296 
297  $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
298 
299  $counter = 0;
300 
301  foreach($_POST['del_desk_item'] as $role_item_id)
302  {
303  $item_data = $role_desk_item_obj->getItem($role_item_id);
304  $tmp_obj =& ilObjectFactory::getInstanceByRefId($item_data['item_id']);
305 
306  if(strlen($desc = $tmp_obj->getDescription()))
307  {
308  $this->tpl->setCurrentBlock("description");
309  $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
310  $this->tpl->parseCurrentBlock();
311  }
312  $this->tpl->setCurrentBlock("desk_row");
313  $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
314  $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
315  $this->tpl->parseCurrentBlock();
316  }
317 
318  $_SESSION['role_del_desk_items'] = $_POST['del_desk_item'];
319 
320  return true;
321  }
322 
323  function deleteDesktopItemsObject()
324  {
325  global $rbacsystem;
326 
327  #if (!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
328  if(!$this->checkAccess('edit_permission'))
329  {
330  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
331  }
332 
333  if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
334  {
335  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
336  }
337 
338  if (!count($_SESSION['role_del_desk_items']))
339  {
340  ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
341 
342  $this->listDesktopItemsObject();
343 
344  return true;
345  }
346 
347  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
348 
349  $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
350 
351  foreach ($_SESSION['role_del_desk_items'] as $role_item_id)
352  {
353  $role_desk_item_obj->delete($role_item_id);
354  }
355 
356  ilUtil::sendSuccess($this->lng->txt('role_deleted_desktop_items'));
357  $this->listDesktopItemsObject();
358 
359  return true;
360  }
361 
362 
363  function selectDesktopItemObject()
364  {
365  global $rbacsystem,$tree;
366 
367  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItemSelector.php';
368  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
369 
370  if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
371  {
372  #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
373  ilUtil::sendFailure($this->lng->txt('permission_denied'));
374  $this->listDesktopItemsObject();
375  return false;
376  }
377 
378  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_selector.html");
379  $this->__showButton('listDesktopItems',$this->lng->txt('back'));
380 
381  ilUtil::sendInfo($this->lng->txt("role_select_desktop_item"));
382 
383  $exp = new ilRoleDesktopItemSelector($this->ctrl->getLinkTarget($this,'selectDesktopItem'),
384  new ilRoleDesktopItem($this->object->getId()));
385  $exp->setExpand($_GET["role_desk_item_link_expand"] ? $_GET["role_desk_item_link_expand"] : $tree->readRootId());
386  $exp->setExpandTarget($this->ctrl->getLinkTarget($this,'selectDesktopItem'));
387 
388  $exp->setOutput(0);
389 
390  $output = $exp->getOutput();
391  $this->tpl->setVariable("EXPLORER",$output);
392  //$this->tpl->setVariable("EXPLORER", $exp->getOutput());
393 
394  return true;
395  }
396 
397  function assignDesktopItemObject()
398  {
399  global $rbacsystem;
400 
401  if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
402  {
403  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
404  return false;
405  }
406 
407 
408  if (!isset($_GET['item_id']))
409  {
410  ilUtil::sendFailure($this->lng->txt('role_no_item_selected'));
411  $this->selectDesktopItemObject();
412 
413  return false;
414  }
415 
416  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
417 
418  $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
419  $role_desk_item_obj->add((int) $_GET['item_id'],ilObject::_lookupType((int) $_GET['item_id'],true));
420 
421  ilUtil::sendSuccess($this->lng->txt('role_assigned_desktop_item'));
422 
423  $this->ctrl->redirect($this,'listDesktopItems');
424  return true;
425  }
426 
432  protected function initFormRoleProperties($a_mode)
433  {
434  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
435  $this->form = new ilPropertyFormGUI();
436 
437  if($this->creation_mode)
438  {
439  $this->ctrl->setParameter($this, "new_type", 'role');
440  }
441  $this->form->setFormAction($this->ctrl->getFormAction($this));
442 
443  switch($a_mode)
444  {
445  case self::MODE_GLOBAL_CREATE:
446  $this->form->setTitle($this->lng->txt('role_new'));
447  $this->form->addCommandButton('save',$this->lng->txt('role_new'));
448  break;
449 
450  case self::MODE_GLOBAL_UPDATE:
451  $this->form->setTitle($this->lng->txt('role_edit'));
452  $this->form->addCommandButton('update', $this->lng->txt('save'));
453  break;
454 
455  case self::MODE_LOCAL_CREATE:
456  case self::MODE_LOCAL_UPDATE:
457  }
458  // Fix cancel
459  $this->form->addCommandButton('cancel', $this->lng->txt('cancel'));
460 
461  $title = new ilTextInputGUI($this->lng->txt('title'),'title');
462  if(ilObjRole::isAutoGenerated($this->object->getId()))
463  {
464  $title->setDisabled(true);
465  }
466  $title->setValidationRegexp('/^(?!il_).*$/');
467  $title->setValidationFailureMessage($this->lng->txt('msg_role_reserved_prefix'));
468  $title->setSize(40);
469  $title->setMaxLength(70);
470  $title->setRequired(true);
471  $this->form->addItem($title);
472 
473  $desc = new ilTextAreaInputGUI($this->lng->txt('description'),'desc');
474  if(ilObjRole::isAutoGenerated($this->object->getId()))
475  {
476  $desc->setDisabled(true);
477  }
478  $desc->setCols(40);
479  $desc->setRows(3);
480  $this->form->addItem($desc);
481 
482  if($this->rolf_ref_id == ROLE_FOLDER_ID)
483  {
484  $reg = new ilCheckboxInputGUI($this->lng->txt('allow_register'),'reg');
485  $reg->setValue(1);
486  #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info'));
487  $this->form->addItem($reg);
488 
489  $la = new ilCheckboxInputGUI($this->lng->txt('allow_assign_users'),'la');
490  $la->setValue(1);
491  #$la->setInfo($this->lng->txt('rbac_local_admin_info'));
492  $this->form->addItem($la);
493  }
494 
495  $pro = new ilCheckboxInputGUI($this->lng->txt('role_protect_permissions'),'pro');
496  $pro->setValue(1);
497  #$pro->setInfo($this->lng->txt('role_protext_permission_info'));
498  $this->form->addItem($pro);
499 
500  include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
501  if(ilDiskQuotaActivationChecker::_isActive())
502  {
503  $quo = new ilNumberInputGUI($this->lng->txt('disk_quota'),'disk_quota');
504  $quo->setMinValue(0);
505  $quo->setSize(4);
506  $quo->setInfo($this->lng->txt('enter_in_mb_desc').'<br />'.$this->lng->txt('disk_quota_on_role_desc'));
507  $this->form->addItem($quo);
508  }
509 
510  return true;
511  }
512 
518  protected function loadRoleProperties(ilObjRole $role)
519  {
520  $role->setTitle($this->form->getInput('title'));
521  $role->setDescription($this->form->getInput('desc'));
522  $role->setAllowRegister($this->form->getInput('reg'));
523  $role->toggleAssignUsersStatus($this->form->getInput('la'));
524  $role->setDiskQuota($this->form->getInput('disk_quota') * pow(ilFormat::_getSizeMagnitude(),2));
525  return true;
526  }
527 
533  protected function readRoleProperties(ilObjRole $role)
534  {
535  global $rbacreview;
536 
537  include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
538 
539  $data['title'] = $role->getTitle();
540  $data['desc'] = $role->getDescription();
541  $data['reg'] = $role->getAllowRegister();
542  $data['la'] = $role->getAssignUsersStatus();
543  if(ilDiskQuotaActivationChecker::_isActive())
544  {
545  $data['disk_quota'] = $role->getDiskQuota() / (pow(ilFormat::_getSizeMagnitude(),2));
546  }
547  $data['pro'] = $rbacreview->isProtected($this->rolf_ref_id, $role->getId());
548 
549  $this->form->setValuesByArray($data);
550  }
551 
552 
553 
554 
560  public function createObject()
561  {
562  global $rbacsystem;
563 
564  if(!$rbacsystem->checkAccess('create_role',$this->rolf_ref_id))
565  {
566  $ilErr->raiseError($this->lng->txt('permission_denied'),$ilErr->MESSAGE);
567  }
568 
569  $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
570  $this->tpl->setContent($this->form->getHTML());
571  }
572 
577  public function editObject()
578  {
579  global $rbacsystem, $rbacreview, $ilSetting,$ilErr;
580 
581  if(!$this->checkAccess('write','edit_permission'))
582  {
583  $ilErr->raiseError($this->lng->txt("msg_no_perm_write"),$ilErr->MESSAGE);
584  }
585  $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
586  $this->readRoleProperties($this->object);
587  $this->tpl->setContent($this->form->getHTML());
588  }
589 
595  function editObject2()
596  {
597  global $rbacsystem, $rbacreview, $ilSetting;
598  require_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
599  require_once 'classes/class.ilFormat.php';
600 
601  #if (!$rbacsystem->checkAccess("write", $this->rolf_ref_id))
602  if(!$this->checkAccess('write','edit_permission'))
603  {
604  $this->ilias->raiseError($this->lng->txt("msg_no_perm_write"),$this->ilias->error_obj->MESSAGE);
605  }
606 
607  $this->getTemplateFile("edit");
608 
609  if ($_SESSION["error_post_vars"])
610  {
611  // fill in saved values in case of error
612  if (substr($this->object->getTitle(false),0,3) != "il_")
613  {
614  $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($_SESSION["error_post_vars"]["Fobject"]["title"]),true);
615  $this->tpl->setVariable("DESC",ilUtil::stripSlashes($_SESSION["error_post_vars"]["Fobject"]["desc"]));
616  }
617 
618  $allow_register = ($_SESSION["error_post_vars"]["Fobject"]["allow_register"]) ? "checked=\"checked\"" : "";
619  $assign_users = ($_SESSION["error_post_vars"]["Fobject"]["assign_users"]) ? "checked=\"checked\"" : "";
620  $protect_permissions = ($_SESSION["error_post_vars"]["Fobject"]["protect_permissions"]) ? "checked=\"checked\"" : "";
621  if (ilDiskQuotaActivationChecker::_isActive())
622  {
623  $disk_quota = $_SESSION["error_post_vars"]["Fobject"]["disk_quota"];
624  }
625  }
626  else
627  {
628  if (substr($this->object->getTitle(),0,3) != "il_")
629  {
630  $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($this->object->getTitle()));
631  $this->tpl->setVariable("DESC",ilUtil::stripSlashes($this->object->getDescription()));
632  }
633 
634  $allow_register = ($this->object->getAllowRegister()) ? "checked=\"checked\"" : "";
635  $assign_users = $this->object->getAssignUsersStatus() ? "checked=\"checked\"" : "";
636  if (ilDiskQuotaActivationChecker::_isActive())
637  {
638  $disk_quota = $this->object->getDiskQuota() / ilFormat::_getSizeMagnitude() / ilFormat::_getSizeMagnitude();
639  }
640  $protect_permissions = $rbacreview->isProtected($this->rolf_ref_id,$this->object->getId()) ? "checked=\"checked\"" : "";
641 
642  }
643 
644  $obj_str = "&obj_id=".$this->obj_id;
645 
646  $this->tpl->setVariable("TXT_TITLE",$this->lng->txt("title"));
647  $this->tpl->setVariable("TXT_DESC",$this->lng->txt("desc"));
648 
649  // exclude allow register option for anonymous role, system role and all local roles
650  $global_roles = $rbacreview->getGlobalRoles();
651 
652  $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
653  $this->tpl->setVariable("TXT_HEADER", $this->lng->txt($this->object->getType()."_edit"));
654  $this->tpl->setVariable("TARGET", $this->getTargetFrame("update"));
655  $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
656  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
657  $this->tpl->setVariable("CMD_SUBMIT", "update");
658  $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
659 
660  if (substr($this->object->getTitle(),0,3) == "il_")
661  {
662  $this->tpl->setVariable("SHOW_TITLE",ilObjRole::_getTranslation($this->object->getTitle())." (".$this->object->getTitle().")");
663 
664  $rolf = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
665  $parent_node = $this->tree->getParentNodeData($rolf[0]);
666 
667  $this->tpl->setVariable("SHOW_DESC",$this->lng->txt("obj_".$parent_node['type'])." (".$parent_node['obj_id'].") <br/>".$parent_node['title']);
668 
669  $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
670  $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("back"));
671  $this->tpl->setVariable("CMD_SUBMIT", "cancel");
672  }
673 
674  if ($this->object->getId() != ANONYMOUS_ROLE_ID and
675  $this->object->getId() != SYSTEM_ROLE_ID and
676  in_array($this->object->getId(),$global_roles))
677  {
678  $this->tpl->setCurrentBlock("allow_register");
679  $this->tpl->setVariable("TXT_ALLOW_REGISTER",$this->lng->txt("allow_register"));
680  $this->tpl->setVariable("ALLOW_REGISTER",$allow_register);
681  $this->tpl->parseCurrentBlock();
682 
683  $this->tpl->setCurrentBlock("assign_users");
684  $this->tpl->setVariable("TXT_ASSIGN_USERS",$this->lng->txt('allow_assign_users'));
685  $this->tpl->setVariable("ASSIGN_USERS",$assign_users);
686  $this->tpl->parseCurrentBlock();
687 
688  $this->tpl->setCurrentBlock("protect_permissions");
689  $this->tpl->setVariable("TXT_PROTECT_PERMISSIONS",$this->lng->txt('role_protect_permissions'));
690  $this->tpl->setVariable("PROTECT_PERMISSIONS",$protect_permissions);
691  $this->tpl->parseCurrentBlock();
692 
693  require_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
694  if (ilDiskQuotaActivationChecker::_isActive())
695  {
696  $this->tpl->setCurrentBlock("disk_quota");
697  $this->tpl->setVariable("TXT_DISK_QUOTA",$this->lng->txt("disk_quota"));
698  $this->tpl->setVariable("TXT_DISK_QUOTA_DESC",$this->lng->txt("enter_in_mb_desc").'<br>'.$this->lng->txt("disk_quota_on_role_desc"));
699  $this->tpl->setVariable("DISK_QUOTA",$disk_quota);
700  $this->tpl->parseCurrentBlock();
701  }
702  }
703  }
704 
705 
710  public function saveObject()
711  {
712  global $rbacadmin,$rbacreview;
713 
714  $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
715  if($this->form->checkInput() and !$this->checkDuplicate())
716  {
717  include_once './Services/AccessControl/classes/class.ilObjRole.php';
718  $this->loadRoleProperties($this->role = new ilObjRole());
719  $this->role->create();
720  $rbacadmin->assignRoleToFolder($this->role->getId(), $this->rolf_ref_id,'y');
721  $rbacadmin->setProtected(
722  $this->rolf_ref_id,
723  $this->role->getId(),
724  $this->form->getInput('pro') ? 'y' : 'n'
725  );
726  ilUtil::sendSuccess($this->lng->txt("role_added"),true);
727  $this->ctrl->returnToParent($this);
728  }
729 
730  ilUtil::sendFailure($this->lng->txt('err_check_input'));
731  $this->form->setValuesByPost();
732  $this->tpl->setContent($this->form->getHTML());
733  return false;
734  }
735 
740  protected function checkDuplicate($a_role_id = 0)
741  {
742  global $rbacreview;
743 
744  foreach($rbacreview->getRolesOfRoleFolder($this->rolf_ref_id) as $role_id)
745  {
746  if($role_id == $a_role_id)
747  {
748  continue;
749  }
750 
751  $title = trim(ilObject::_lookupTitle($role_id));
752  if(strcmp($title, trim($this->form->getInput('title'))) === 0)
753  {
754  $this->form->getItemByPostVar('title')->setAlert($this->lng->txt('rbac_role_exists_alert'));
755  return true;
756  }
757  }
758  return false;
759  }
760 
765  public function updateObject()
766  {
767  global $rbacadmin;
768 
769  $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
770  if($this->form->checkInput() and !$this->checkDuplicate($this->object->getId()))
771  {
772  include_once './Services/AccessControl/classes/class.ilObjRole.php';
773  $this->loadRoleProperties($this->object);
774  $this->object->update();
775  $rbacadmin->setProtected(
776  $this->rolf_ref_id,
777  $this->object->getId(),
778  $this->form->getInput('pro') ? 'y' : 'n'
779  );
780  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
781  $this->ctrl->redirect($this,'edit');
782  }
783 
784  ilUtil::sendFailure($this->lng->txt('err_check_input'));
785  $this->form->setValuesByPost();
786  $this->tpl->setContent($this->form->getHTML());
787  return false;
788  }
789 
794  protected function permObject($a_show_admin_permissions = false)
795  {
796  global $ilTabs, $ilErr, $ilToolbar, $objDefinition,$rbacreview;
797 
798  $ilTabs->setTabActive('default_perm_settings');
799 
800  $this->setSubTabs('default_perm_settings');
801 
802  if($a_show_admin_permissions)
803  {
804  $ilTabs->setSubTabActive('rbac_admin_permissions');
805  }
806  else
807  {
808  $ilTabs->setSubTabActive('rbac_repository_permissions');
809  }
810 
811  if(!$this->checkAccess('write','edit_permission'))
812  {
813  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->MESSAGE);
814  return true;
815  }
816 
817  // Show copy role button
818  $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
819  $ilToolbar->addButton(
820  $this->lng->txt("adopt_perm_from_template"),
821  $this->ctrl->getLinkTarget($this,'adoptPerm')
822  );
823  if($rbacreview->isDeleteable($this->object->getId(), $this->rolf_ref_id))
824  {
825  $ilToolbar->addButton(
826  $this->lng->txt('rbac_delete_role'),
827  $this->ctrl->getLinkTarget($this,'confirmDeleteRole')
828  );
829  }
830 
831  $this->tpl->addBlockFile(
832  'ADM_CONTENT',
833  'adm_content',
834  'tpl.rbac_template_permissions.html',
835  'Services/AccessControl'
836  );
837 
838  $this->tpl->setVariable('PERM_ACTION',$this->ctrl->getFormAction($this));
839 
840  include_once './Services/Accordion/classes/class.ilAccordionGUI.php';
841  $acc = new ilAccordionGUI();
842  $acc->setBehaviour(ilAccordionGUI::FORCE_ALL_OPEN);
843  $acc->setId('template_perm_'.$this->getParentRefId());
844 
845  if($this->rolf_ref_id == ROLE_FOLDER_ID)
846  {
847  if($a_show_admin_permissions)
848  {
849  $subs = $objDefinition->getSubObjectsRecursively('adm',true,true);
850  }
851  else
852  {
853  $subs = $objDefinition->getSubObjectsRecursively('root',true,$a_show_admin_permissions);
854  }
855  }
856  else
857  {
858  $subs = $objDefinition->getSubObjectsRecursively($this->getParentType(),true,$a_show_admin_permissions);
859  }
860 
861  $sorted = array();
862  foreach($subs as $subtype => $def)
863  {
864  if($objDefinition->isPlugin($subtype))
865  {
866  $translation = ilPlugin::lookupTxt("rep_robj", $subtype,"obj_".$subtype);
867  }
868  elseif($objDefinition->isSystemObject($subtype))
869  {
870  $translation = $this->lng->txt("obj_".$subtype);
871  }
872  else
873  {
874  $translation = $this->lng->txt('objs_'.$subtype);
875  }
876 
877  $sorted[$subtype] = $def;
878  $sorted[$subtype]['translation'] = $translation;
879  }
880 
881 
882  $sorted = ilUtil::sortArray($sorted, 'translation','asc',true,true);
883  foreach($sorted as $subtype => $def)
884  {
885  if($objDefinition->isPlugin($subtype))
886  {
887  $translation = ilPlugin::lookupTxt("rep_robj", $subtype,"obj_".$subtype);
888  }
889  elseif($objDefinition->isSystemObject($subtype))
890  {
891  $translation = $this->lng->txt("obj_".$subtype);
892  }
893  else
894  {
895  $translation = $this->lng->txt('objs_'.$subtype);
896  }
897 
898  include_once 'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
899  $tbl = new ilObjectRoleTemplatePermissionTableGUI(
900  $this,
901  'perm',
902  $this->getParentRefId(),
903  $this->object->getId(),
904  $subtype,
905  $a_show_admin_permissions
906  );
907  $tbl->parse();
908 
909  $acc->addItem($translation, $tbl->getHTML());
910  }
911 
912  $this->tpl->setVariable('ACCORDION',$acc->getHTML());
913 
914  // Add options table
915  include_once './Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
916  $options = new ilObjectRoleTemplateOptionsTableGUI(
917  $this,
918  'perm',
919  $this->rolf_ref_id,
920  $this->object->getId(),
921  $a_show_admin_permissions
922  );
923  $options->addMultiCommand(
924  $a_show_admin_permissions ? 'adminPermSave' : 'permSave',
925  $this->lng->txt('save')
926  );
927 
928  $options->parse();
929  $this->tpl->setVariable('OPTIONS_TABLE',$options->getHTML());
930  }
931 
936  protected function adminPermObject()
937  {
938  return $this->permObject(true);
939  }
940 
945  protected function adminPermSaveObject()
946  {
947  return $this->permSaveObject(true);
948  }
949 
955  function perm2Object()
956  {
957  global $rbacadmin, $rbacreview, $rbacsystem, $objDefinition, $tree,$ilTabs, $ilToolbar;
958 
959  $ilTabs->setTabActive('default_perm_settings');
960 
961  $access = $this->checkAccess('visible,write','edit_permission');
962  if (!$access)
963  {
964  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
965  }
966 
967 
968  $perm_def = $this->object->__getPermissionDefinitions();
969 
970  $rbac_objects =& $perm_def[0];
971  $rbac_operations =& $perm_def[1];
972 
973  foreach ($rbac_objects as $key => $obj_data)
974  {
975  if ($objDefinition->isPlugin($obj_data["type"]))
976  {
977  $rbac_objects[$key]["name"] = ilPlugin::lookupTxt("rep_robj", $obj_data["type"],
978  "obj_".$obj_data["type"]);
979  }
980  else
981  {
982  $rbac_objects[$key]["name"] = $this->lng->txt("obj_".$obj_data["type"]);
983  }
984  $rbac_objects[$key]["ops"] = $rbac_operations[$key];
985  }
986 
987  // for local roles display only the permissions settings for allowed subobjects
988  if ($this->rolf_ref_id != ROLE_FOLDER_ID)
989  {
990  // first get object in question (parent of role folder object)
991  $parent_data = $this->tree->getParentNodeData($this->rolf_ref_id);
992  // get allowed subobjects of object recursively
993  $subobj_data = $this->objDefinition->getSubObjectsRecursively($parent_data["type"]);
994 
995  // remove not allowed object types from array but keep the type definition of object itself
996  foreach ($rbac_objects as $key => $obj_data)
997  {
998  if ($obj_data["type"] == "rolf")
999  {
1000  unset($rbac_objects[$key]);
1001  continue;
1002  }
1003 
1004  if (!$subobj_data[$obj_data["type"]] and $parent_data["type"] != $obj_data["type"])
1005  {
1006  unset($rbac_objects[$key]);
1007  }
1008  }
1009  } // end if local roles
1010 
1011  // now sort computed result
1012  //sort($rbac_objects);
1013 
1014  /*foreach ($rbac_objects as $key => $obj_data)
1015  {
1016  sort($rbac_objects[$key]["ops"]);
1017  }*/
1018 
1019  // sort by (translated) name of object type
1020  $rbac_objects = ilUtil::sortArray($rbac_objects,"name","asc");
1021 
1022  // BEGIN CHECK_PERM
1023  foreach ($rbac_objects as $key => $obj_data)
1024  {
1025  $arr_selected = $rbacreview->getOperationsOfRole($this->object->getId(), $obj_data["type"], $this->rolf_ref_id);
1026  $arr_checked = array_intersect($arr_selected,array_keys($rbac_operations[$obj_data["obj_id"]]));
1027 
1028  foreach ($rbac_operations[$obj_data["obj_id"]] as $operation)
1029  {
1030  // check all boxes for system role
1031  if ($this->object->getId() == SYSTEM_ROLE_ID)
1032  {
1033  $checked = true;
1034  $disabled = true;
1035  }
1036  else
1037  {
1038  $checked = in_array($operation["ops_id"],$arr_checked);
1039  $disabled = false;
1040  }
1041 
1042  // Es wird eine 2-dim Post Variable uebergeben: perm[rol_id][ops_id]
1043  $box = ilUtil::formCheckBox($checked,"template_perm[".$obj_data["type"]."][]",$operation["ops_id"],$disabled);
1044  $output["perm"][$obj_data["obj_id"]][$operation["ops_id"]] = $box;
1045  }
1046  }
1047  // END CHECK_PERM
1048 
1049  $output["col_anz"] = count($rbac_objects);
1050  $output["txt_save"] = $this->lng->txt("save");
1051  $output["check_recursive"] = ilUtil::formCheckBox(0,"recursive",1);
1052  $output["text_recursive"] = $this->lng->txt("change_existing_objects");
1053  $output["text_recursive_desc"] = $this->lng->txt("change_existing_objects_desc");
1054 
1055  $protected_disabled = true;
1056 
1057  if ($this->rolf_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id))
1058  {
1059  $protected_disabled = false;
1060  }
1061 
1062  $output["check_protected"] = ilUtil::formCheckBox($rbacreview->isProtected($this->rolf_ref_id,$this->object->getId()),
1063  "protected",
1064  1,
1065  $protected_disabled);
1066 
1067  $output["text_protected"] = $this->lng->txt("role_protect_permissions");
1068  $output["text_protected_desc"] = $this->lng->txt("role_protect_permissions_desc");
1069 
1070  /* send message for system role
1071  if ($this->object->getId() == SYSTEM_ROLE_ID)
1072  {
1073  $output["adopt"] = array();
1074  $output["sysrole_msg"] = $this->lng->txt("msg_sysrole_not_editable");
1075  }
1076  */
1077 
1078  $output["formaction"] = $this->ctrl->getFormAction($this);
1079 
1080  $this->data = $output;
1081 
1082 
1083 /************************************/
1084 /* generate output */
1085 /************************************/
1086 
1087  $this->tpl->addBlockfile('ADM_CONTENT','adm_content','tpl.adm_perm_role.html');
1088 
1089 
1090  if($access and $this->object->isDeletable($this->rolf_ref_id))
1091  {
1092  $this->tpl->setVariable('LINK_DELETE_ROLE',$this->ctrl->getLinkTarget($this,'confirmDeleteRole'));
1093  $this->tpl->setVariable('TXT_DELETE_ROLE',$this->lng->txt('rbac_delete_role'));
1094  $this->tpl->setVariable('TXT_FOOTER_DELETE_ROLE',$this->lng->txt('rbac_delete_role'));
1095  }
1096 
1097  foreach ($rbac_objects as $obj_data)
1098  {
1099  // BEGIN object_operations
1100  $this->tpl->setCurrentBlock("object_operations");
1101 
1102  $ops_ids = "";
1103 
1104  foreach ($obj_data["ops"] as $operation)
1105  {
1106  $ops_ids[] = $operation["ops_id"];
1107 
1108  //$css_row = ilUtil::switchColor($j++, "tblrow1", "tblrow2");
1109  $css_row = "tblrow1";
1110  $this->tpl->setVariable("CSS_ROW",$css_row);
1111  $this->tpl->setVariable("PERMISSION",$operation["name"]);
1112  if (substr($operation["title"], 0, 7) == "create_")
1113  {
1114  if ($this->objDefinition->getDevMode(substr($operation["title"], 7, strlen($operation["title"]) -7)))
1115  {
1116  $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_implemented_yet").")");
1117  }
1118  }
1119  $this->tpl->setVariable("CHECK_PERMISSION",$this->data["perm"][$obj_data["obj_id"]][$operation["ops_id"]]);
1120  $this->tpl->setVariable("LABEL_ID","template_perm_".$obj_data["type"]."_".$operation["ops_id"]);
1121  $this->tpl->parseCurrentBlock();
1122  } // END object_operations
1123 
1124  // BEGIN object_type
1125  $this->tpl->setCurrentBlock("object_type");
1126 
1127  // add administration for adminstrative items
1128  if ($objDefinition->isSystemObject($obj_data["type"]) &&
1129  $obj_data["type"] != "root")
1130  {
1131  $this->tpl->setVariable("TXT_ADMINIS", "(".$this->lng->txt("administration").") ");
1132  }
1133 
1134  $this->tpl->setVariable("TXT_OBJ_TYPE",$obj_data["name"]);
1135 
1136 // TODO: move this if in a function and query all objects that may be disabled or inactive
1137  if ($this->objDefinition->getDevMode($obj_data["type"]))
1138  {
1139  $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_implemented_yet").")");
1140  }
1141  else if ($obj_data["type"] == "icrs" and !$this->ilias->getSetting("ilinc_active"))
1142  {
1143  $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_enabled_or_configured").")");
1144  }
1145 
1146  // option: change permissions of exisiting objects of that type
1147  $this->tpl->setVariable("OBJ_TYPE",$obj_data["type"]);
1148  $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE_DESC",$this->lng->txt("change_existing_object_type_desc"));
1149 
1150  // use different Text for system objects
1151  if ($objDefinition->isPlugin($obj_data["type"]))
1152  {
1153  $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE",$this->lng->txt("change_existing_prefix")." ".
1154  ilPlugin::lookupTxt("rep_robj", $obj_data["type"], "objs_".$obj_data["type"]).
1155  " ".$this->lng->txt("change_existing_suffix"));
1156  }
1157  else if ($objDefinition->isSystemObject($obj_data["type"]))
1158  {
1159  $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE",$this->lng->txt("change_existing_prefix_single")." ".$this->lng->txt("obj_".$obj_data["type"])." ".$this->lng->txt("change_existing_suffix_single"));
1160 
1161  }
1162  else
1163  {
1164  $this->tpl->setVariable("CHANGE_PERM_OBJ_TYPE",$this->lng->txt("change_existing_prefix")." ".$this->lng->txt("objs_".$obj_data["type"])." ".$this->lng->txt("change_existing_suffix"));
1165  }
1166 
1167  // js checkbox toggles
1168  $this->tpl->setVariable("JS_VARNAME","template_perm_".$obj_data["type"]);
1169  $this->tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($ops_ids));
1170  $this->tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
1171  $this->tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
1172 
1173  $this->tpl->parseCurrentBlock();
1174  // END object_type
1175  }
1176 
1177  // don't display adopt permissions form for system role
1178  if ($this->object->getId() != SYSTEM_ROLE_ID)
1179  {
1180  $this->tpl->setCurrentBlock("tblfooter_special_options");
1181  $this->tpl->setVariable("TXT_PERM_SPECIAL_OPTIONS",$this->lng->txt("perm_special_options"));
1182  $this->tpl->parseCurrentBlock();
1183 
1184  $this->tpl->setCurrentBlock("tblfooter_recursive");
1185  $this->tpl->setVariable("COL_ANZ",3);
1186  $this->tpl->setVariable("CHECK_RECURSIVE",$this->data["check_recursive"]);
1187  $this->tpl->setVariable("TXT_RECURSIVE",$this->data["text_recursive"]);
1188  $this->tpl->setVariable("TXT_RECURSIVE_DESC",$this->data["text_recursive_desc"]);
1189  $this->tpl->parseCurrentBlock();
1190 
1191  $this->tpl->setCurrentBlock("tblfooter_protected");
1192  $this->tpl->setVariable("COL_ANZ",3);
1193  $this->tpl->setVariable("CHECK_PROTECTED",$this->data["check_protected"]);
1194  $this->tpl->setVariable("TXT_PROTECTED",$this->data["text_protected"]);
1195  $this->tpl->setVariable("TXT_PROTECTED_DESC",$this->data["text_protected_desc"]);
1196  $this->tpl->parseCurrentBlock();
1197 
1198  $this->tpl->setCurrentBlock("tblfooter_standard");
1199  $this->tpl->setVariable("COL_ANZ_PLUS",3);
1200  $this->tpl->setVariable("TXT_SAVE",$this->data["txt_save"]);
1201  $this->tpl->parseCurrentBlock();
1202 
1203  // Show copy role button
1204  $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
1205  $ilToolbar->addButton($this->lng->txt("adopt_perm_from_template"),$this->ctrl->getLinkTarget($this,'adoptPerm'));
1206  }
1207  else
1208  {
1209  // display form buttons not for system role
1210  $this->tpl->setCurrentBlock("tblfooter_sysrole");
1211  $this->tpl->setVariable("COL_ANZ_SYS",3);
1212  $this->tpl->parseCurrentBlock();
1213 
1214  // display sysrole_msg
1215  $this->tpl->setCurrentBlock("sysrole_msg");
1216  $this->tpl->setVariable("TXT_SYSROLE_MSG",$this->data["sysrole_msg"]);
1217  $this->tpl->parseCurrentBlock();
1218  }
1219 
1220  $this->tpl->setCurrentBlock("adm_content");
1221  $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath("icon_".$this->object->getType().".gif"));
1222  $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt($this->object->getType()));
1223  $this->tpl->setVariable("TBL_HELP_IMG",ilUtil::getImagePath("icon_help.gif"));
1224  $this->tpl->setVariable("TBL_HELP_LINK","tbl_help.php");
1225  $this->tpl->setVariable("TBL_HELP_IMG_ALT",$this->lng->txt("help"));
1226 
1227  // compute additional information in title
1228  $global_roles = $rbacreview->getGlobalRoles();
1229 
1230  if (in_array($this->object->getId(),$global_roles))
1231  {
1232  $desc = "global";
1233  }
1234  else
1235  {
1236  // description for autogenerated roles
1237  if($rolf = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true))
1238  {
1239  $parent_node = $this->tree->getParentNodeData($rolf[0]);
1240  $desc = $this->lng->txt("obj_".$parent_node['type'])." (#".$parent_node['obj_id'].") : ".$parent_node['title'];
1241  }
1242  }
1243 
1244  $description = "&nbsp;<span class=\"small\">(".$desc.")</span>";
1245 
1246  // translation for autogenerated roles
1247  if (substr($this->object->getTitle(),0,3) == "il_")
1248  {
1249  $title = ilObjRole::_getTranslation($this->object->getTitle())." (".$this->object->getTitle().")";
1250  }
1251  else
1252  {
1253  $title = $this->object->getTitle();
1254  }
1255 
1256  $this->tpl->setVariable("TBL_TITLE",$title.$description);
1257 
1258  // info text
1259  $pid = $tree->getParentId($this->rolf_ref_id);
1260  $ptitle = ilObject::_lookupTitle(ilObject::_lookupObjId($pid));
1261  if ($this->rolf_ref_id != ROLE_FOLDER_ID)
1262  {
1263  $info = sprintf($this->lng->txt("perm_role_info_1"),
1264  $this->object->getTitle(), $ptitle)." ".
1265  sprintf($this->lng->txt("perm_role_info_2"),
1266  $this->object->getTitle(), $ptitle);
1267  }
1268  else
1269  {
1270  $info = sprintf($this->lng->txt("perm_role_info_glob_1"),
1271  $this->object->getTitle(), $ptitle)." ".
1272  sprintf($this->lng->txt("perm_role_info_glob_2"),
1273  $this->object->getTitle(), $ptitle);
1274  }
1275  $this->tpl->setVariable("TXT_TITLE_INFO", $info);
1276 
1277  $this->tpl->setVariable("TXT_PERMISSION",$this->data["txt_permission"]);
1278  $this->tpl->setVariable("FORMACTION",$this->data["formaction"]);
1279  $this->tpl->parseCurrentBlock();
1280  }
1281 
1282  protected function adoptPermObject()
1283  {
1284  global $rbacreview;
1285 
1286  $output = array();
1287 
1288  $parent_role_ids = $rbacreview->getParentRoleIds($this->rolf_ref_id,true);
1289  $ids = array();
1290  foreach($parent_role_ids as $id => $tmp)
1291  {
1292  $ids[] = $id;
1293  }
1294 
1295  // Sort ids
1296  $sorted_ids = ilUtil::_sortIds($ids,'object_data','type,title','obj_id');
1297  $key = 0;
1298  foreach($sorted_ids as $id)
1299  {
1300  $par = $parent_role_ids[$id];
1301  if ($par["obj_id"] != SYSTEM_ROLE_ID && $this->object->getId() != $par["obj_id"])
1302  {
1303  $radio = ilUtil::formRadioButton(0,"adopt",$par["obj_id"]);
1304  $output["adopt"][$key]["css_row_adopt"] = ($key % 2 == 0) ? "tblrow1" : "tblrow2";
1305  $output["adopt"][$key]["check_adopt"] = $radio;
1306  $output["adopt"][$key]["role_id"] = $par["obj_id"];
1307  $output["adopt"][$key]["type"] = ($par["type"] == 'role' ? $this->lng->txt('obj_role') : $this->lng->txt('obj_rolt'));
1308  $output["adopt"][$key]["role_name"] = ilObjRole::_getTranslation($par["title"]);
1309  $output["adopt"][$key]["role_desc"] = $par["desc"];
1310  $key++;
1311  }
1312  }
1313 
1314  $output["formaction_adopt"] = $this->ctrl->getFormAction($this);
1315  $output["message_middle"] = $this->lng->txt("adopt_perm_from_template");
1316 
1317 
1318  $tpl = new ilTemplate("tpl.adm_copy_role.html", true, true, "Services/AccessControl");
1319 
1320  $tpl->setCurrentBlock("ADOPT_PERM_ROW");
1321  foreach ($output["adopt"] as $key => $value)
1322  {
1323  $tpl->setVariable("CSS_ROW_ADOPT",$value["css_row_adopt"]);
1324  $tpl->setVariable("CHECK_ADOPT",$value["check_adopt"]);
1325  $tpl->setVariable("LABEL_ID",$value["role_id"]);
1326  $tpl->setVariable("TYPE",$value["type"]);
1327  $tpl->setVariable("ROLE_NAME",$value["role_name"]);
1328  if(strlen($value['role_desc']))
1329  {
1330  $tpl->setVariable('ROLE_DESC',$value['role_desc']);
1331  }
1332  $tpl->parseCurrentBlock();
1333  }
1334 
1335  $tpl->setVariable("TPLPATH",$this->tpl->tplPath);
1336  $tpl->setVariable("MESSAGE_MIDDLE",$output["message_middle"]);
1337  $tpl->setVariable("FORMACTION_ADOPT",$output["formaction_adopt"]);
1338  $tpl->setVariable("ADOPT",$this->lng->txt('copy'));
1339  $tpl->setVariable("CANCEL",$this->lng->txt('cancel'));
1340 
1341  $tpl->setVariable('HEAD_ROLE',$this->lng->txt('title'));
1342  $tpl->setVariable('HEAD_TYPE',$this->lng->txt('type'));
1343 
1344  $this->tpl->setContent($tpl->get());
1345  }
1346 
1351  protected function confirmDeleteRoleObject()
1352  {
1353  global $ilErr,$rbacreview,$ilUser;
1354 
1355  $access = $this->checkAccess('visible,write','edit_permission');
1356  if (!$access)
1357  {
1358  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->WARNING);
1359  }
1360 
1361  $question = $this->lng->txt('rbac_role_delete_qst');
1362  if($rbacreview->isAssigned($ilUser->getId(), $this->object->getId()))
1363  {
1364  $question .= ('<br />'.$this->lng->txt('rbac_role_delete_self'));
1365  }
1366  ilUtil::sendQuestion($question);
1367 
1368  include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
1369 
1370  $confirm = new ilConfirmationGUI();
1371  $confirm->setFormAction($this->ctrl->getFormAction($this));
1372  $confirm->setHeaderText($question);
1373  $confirm->setCancel($this->lng->txt('cancel'), 'perm');
1374  $confirm->setConfirm($this->lng->txt('rbac_delete_role'), 'performDeleteRole');
1375 
1376  $confirm->addItem(
1377  'role',
1378  $this->object->getId(),
1379  $this->object->getTitle(),
1380  ilUtil::getImagePath('icon_role.gif')
1381  );
1382 
1383  $this->tpl->setContent($confirm->getHTML());
1384  return true;
1385  }
1386 
1387 
1392  protected function performDeleteRoleObject()
1393  {
1394  global $ilErr;
1395 
1396  $access = $this->checkAccess('visible,write','edit_permission');
1397  if (!$access)
1398  {
1399  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->WARNING);
1400  }
1401 
1402  $this->object->setParent((int) $_GET['rolf_ref_id']);
1403  $this->object->delete();
1404  ilUtil::sendSuccess($this->lng->txt('msg_deleted_role'),true);
1405 
1406  if($back = $this->getBackTarget())
1407  {
1408  ilUtil::redirect($back['link']);
1409  }
1410  else
1411  {
1412  $this->ctrl->returnToParent($this);
1413  }
1414  }
1415 
1421  function permSaveObject($a_show_admin_permissions = false)
1422  {
1423  global $rbacsystem, $rbacadmin, $rbacreview, $objDefinition, $tree;
1424 
1425  // for role administration check write of global role folder
1426  /*
1427  if ($this->rolf_ref_id == ROLE_FOLDER_ID)
1428  {
1429  $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
1430  }
1431  else // for local roles check 'edit permission' of parent object of the local role folder
1432  {
1433  $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
1434  }
1435  */
1436  $access = $this->checkAccess('visible,write','edit_permission');
1437 
1438  if (!$access)
1439  {
1440  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
1441  }
1442 
1443  // rbac log
1444  include_once "Services/AccessControl/classes/class.ilRbacLog.php";
1445  $rbac_log_active = ilRbacLog::isActive();
1446  if($rbac_log_active)
1447  {
1448  $rbac_log_old = ilRbacLog::gatherTemplate($this->rolf_ref_id, $this->object->getId());
1449  }
1450 
1451  // delete all template entries of enabled types
1452  if($this->rolf_ref_id == ROLE_FOLDER_ID)
1453  {
1454  if($a_show_admin_permissions)
1455  {
1456  $subs = $objDefinition->getSubObjectsRecursively('adm',true,true);
1457  }
1458  else
1459  {
1460  $subs = $objDefinition->getSubObjectsRecursively('root',true,false);
1461  }
1462  }
1463  else
1464  {
1465  $subs = $objDefinition->getSubObjectsRecursively($this->getParentType(),true,false);
1466  }
1467 
1468  foreach($subs as $subtype => $def)
1469  {
1470  // Delete per object type
1471  $rbacadmin->deleteRolePermission($this->object->getId(),$this->rolf_ref_id,$subtype);
1472  }
1473 
1474  if (empty($_POST["template_perm"]))
1475  {
1476  $_POST["template_perm"] = array();
1477  }
1478 
1479  foreach ($_POST["template_perm"] as $key => $ops_array)
1480  {
1481  // sets new template permissions
1482  $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->rolf_ref_id);
1483  }
1484 
1485  if($rbac_log_active)
1486  {
1487  $rbac_log_new = ilRbacLog::gatherTemplate($this->rolf_ref_id, $this->object->getId());
1488  $rbac_log_diff = ilRbacLog::diffTemplate($rbac_log_old, $rbac_log_new);
1489  ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE, $this->obj_ref_id, $rbac_log_diff);
1490  }
1491 
1492  // update object data entry (to update last modification date)
1493  $this->object->update();
1494 
1495  // set protected flag
1496  if ($this->rolf_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id))
1497  {
1498  $rbacadmin->setProtected($this->rolf_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST['protected']));
1499  }
1500 
1501  if($a_show_admin_permissions)
1502  {
1503  $_POST['recursive'] = true;
1504  }
1505 
1506  // Redirect if Change existing objects is not chosen
1507  if(!$_POST['recursive'] and !is_array($_POST['recursive_list']))
1508  {
1509  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
1510  if($a_show_admin_permissions)
1511  {
1512  $this->ctrl->redirect($this,'adminPerm');
1513  }
1514  else
1515  {
1516  $this->ctrl->redirect($this,'perm');
1517  }
1518  }
1519  // New implementation
1520  if($this->isChangeExistingObjectsConfirmationRequired() and !$a_show_admin_permissions)
1521  {
1522  $this->showChangeExistingObjectsConfirmation();
1523  return true;
1524  }
1525 
1526  $start = ($this->rolf_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $tree->getParentId($this->rolf_ref_id));
1527  if($a_show_admin_permissions)
1528  {
1529  $start = $tree->getParentId($this->rolf_ref_id);
1530  }
1531 
1532  if($_POST['protected'])
1533  {
1534  $this->object->changeExistingObjects(
1535  $start,
1536  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
1537  array('all'),
1538  array()
1539  #$a_show_admin_permissions ? array('adm') : array()
1540  );
1541  }
1542  else
1543  {
1544  $this->object->changeExistingObjects(
1545  $start,
1546  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
1547  array('all'),
1548  array()
1549  #$a_show_admin_permissions ? array('adm') : array()
1550  );
1551  }
1552  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
1553 
1554  if($a_show_admin_permissions)
1555  {
1556  $this->ctrl->redirect($this,'adminPerm');
1557  }
1558  else
1559  {
1560  $this->ctrl->redirect($this,'perm');
1561  }
1562  return true;
1563  }
1564 
1565 
1571  function adoptPermSaveObject()
1572  {
1573  global $rbacadmin, $rbacsystem, $rbacreview, $tree;
1574 
1575  if(!$_POST['adopt'])
1576  {
1577  ilUtil::sendFailure($this->lng->txt('select_one'));
1578  $this->adoptPermObject();
1579  return false;
1580  }
1581 
1582  $access = $this->checkAccess('visible,write','edit_permission');
1583  if (!$access)
1584  {
1585  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
1586  }
1587 
1588  if ($this->object->getId() == $_POST["adopt"])
1589  {
1590  ilUtil::sendFailure($this->lng->txt("msg_perm_adopted_from_itself"),true);
1591  }
1592  else
1593  {
1594  $rbacadmin->deleteRolePermission($this->object->getId(), $this->rolf_ref_id);
1595  $parentRoles = $rbacreview->getParentRoleIds($this->rolf_ref_id,true);
1596  $rbacadmin->copyRoleTemplatePermissions(
1597  $_POST["adopt"],
1598  $parentRoles[$_POST["adopt"]]["parent"],
1599  $this->rolf_ref_id,
1600  $this->object->getId(),
1601  false);
1602 
1603  // update object data entry (to update last modification date)
1604  $this->object->update();
1605 
1606  // send info
1607  $obj_data =& $this->ilias->obj_factory->getInstanceByObjId($_POST["adopt"]);
1608  ilUtil::sendSuccess($this->lng->txt("msg_perm_adopted_from1")." '".$obj_data->getTitle()."'.<br/>".
1609  $this->lng->txt("msg_perm_adopted_from2"),true);
1610  }
1611 
1612  $this->ctrl->redirect($this, "perm");
1613  }
1614 
1620  function assignSaveObject()
1621  {
1622  $this->assignUserObject();
1623  }
1624 
1625 
1626 
1632  public function addUserObject($a_user_ids)
1633  {
1634  global $rbacreview,$rbacadmin;
1635 
1636  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1637  {
1638  ilUtil::sendFailure($this->lng->txt('msg_no_perm_assign_user_to_role'),true);
1639  return false;
1640  }
1641  if(!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
1642  $this->rolf_ref_id != ROLE_FOLDER_ID)
1643  {
1644  ilUtil::sendFailure($this->lng->txt('err_role_not_assignable'),true);
1645  return false;
1646  }
1647  if(!$a_user_ids)
1648  {
1649  $GLOBALS['lng']->loadLanguageModule('search');
1650  ilUtil::sendFailure($this->lng->txt('search_err_user_not_exist'),true);
1651  return false;
1652  }
1653 
1654  $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
1655 
1656  // users to assign
1657  $assigned_users_new = array_diff($a_user_ids,array_intersect($a_user_ids,$assigned_users_all));
1658 
1659  // selected users all already assigned. stop
1660  if (count($assigned_users_new) == 0)
1661  {
1662  ilUtil::sendInfo($this->lng->txt("rbac_msg_user_already_assigned"),true);
1663  $this->ctrl->redirect($this,'userassignment');
1664  }
1665 
1666  // assign new users
1667  foreach ($assigned_users_new as $user)
1668  {
1669  $rbacadmin->assignUser($this->object->getId(),$user,false);
1670  }
1671 
1672  // update object data entry (to update last modification date)
1673  $this->object->update();
1674 
1675  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"),true);
1676  $this->ctrl->redirect($this,'userassignment');
1677  }
1678 
1684  function deassignUserObject()
1685  {
1686  global $rbacsystem, $rbacadmin, $rbacreview;
1687 
1688  #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
1689  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1690  {
1691  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1692  }
1693 
1694  $selected_users = ($_POST["user_id"]) ? $_POST["user_id"] : array($_GET["user_id"]);
1695 
1696  if ($selected_users[0]=== NULL)
1697  {
1698  $this->ilias->raiseError($this->lng->txt("no_checkbox"),$this->ilias->error_obj->MESSAGE);
1699  }
1700 
1701  // prevent unassignment of system user from system role
1702  if ($this->object->getId() == SYSTEM_ROLE_ID)
1703  {
1704  if ($admin = array_search(SYSTEM_USER_ID,$selected_users) !== false)
1705  unset($selected_users[$admin]);
1706  }
1707 
1708  // check for each user if the current role is his last global role before deassigning him
1709  $last_role = array();
1710  $global_roles = $rbacreview->getGlobalRoles();
1711 
1712  foreach ($selected_users as $user)
1713  {
1714  $assigned_roles = $rbacreview->assignedRoles($user);
1715  $assigned_global_roles = array_intersect($assigned_roles,$global_roles);
1716 
1717  if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(),$assigned_global_roles)))
1718  {
1719  $userObj = $this->ilias->obj_factory->getInstanceByObjId($user);
1720  $last_role[$user] = $userObj->getFullName();
1721  unset($userObj);
1722  }
1723  }
1724 
1725 
1726  // ... else perform deassignment
1727  foreach ($selected_users as $user)
1728  {
1729  if(!isset($last_role[$user]))
1730  {
1731  $rbacadmin->deassignUser($this->object->getId(), $user);
1732  }
1733  }
1734 
1735  // update object data entry (to update last modification date)
1736  $this->object->update();
1737 
1738  // raise error if last role was taken from a user...
1739  if(count($last_role))
1740  {
1741  $user_list = implode(", ",$last_role);
1742  ilUtil::sendFailure($this->lng->txt('msg_is_last_role').': '.$user_list.'<br />'.$this->lng->txt('msg_min_one_role'),true);
1743  }
1744  else
1745  {
1746  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"), true);
1747  }
1748  $this->ctrl->redirect($this,'userassignment');
1749  }
1750 
1756  function updateObject2()
1757  {
1758  global $rbacsystem, $rbacreview, $rbacadmin, $tree;
1759  require_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
1760  require_once 'classes/class.ilFormat.php';
1761 
1762  // for role administration check write of global role folder
1763  /*
1764  if ($this->rolf_ref_id == ROLE_FOLDER_ID)
1765  {
1766  $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
1767  }
1768  else // for local roles check 'edit permission' of parent object of the local role folder
1769  {
1770  $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
1771  }
1772  */
1773  $access = $this->checkAccess('write','edit_permission');
1774  if (!$access)
1775  {
1776  $this->ilias->raiseError($this->lng->txt("msg_no_perm_modify_role"),$this->ilias->error_obj->MESSAGE);
1777  }
1778 
1779  if (substr($this->object->getTitle(),0,3) != "il_")
1780  {
1781  // check required fields
1782  if (empty($_POST["Fobject"]["title"]))
1783  {
1784  $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"),$this->ilias->error_obj->MESSAGE);
1785  }
1786 
1787  // check if role title has il_ prefix
1788  if (substr($_POST["Fobject"]["title"],0,3) == "il_")
1789  {
1790  $this->ilias->raiseError($this->lng->txt("msg_role_reserved_prefix"),$this->ilias->error_obj->MESSAGE);
1791  }
1792  if (ilDiskQuotaActivationChecker::_isActive())
1793  {
1794  // check if disk quota is empty or is numeric and positive
1795  if (! is_numeric(trim($_POST["Fobject"]["disk_quota"])) ||
1796  trim($_POST["Fobject"]["disk_quota"]) < 0
1797  )
1798  {
1799  $this->ilias->raiseError($this->lng->txt("msg_disk_quota_illegal_value"),$this->ilias->error_obj->MESSAGE);
1800  }
1801  }
1802 
1803 
1804 
1805  // update
1806  $this->object->setTitle(ilUtil::stripSlashes($_POST["Fobject"]["title"]));
1807  $this->object->setDescription(ilUtil::stripSlashes($_POST["Fobject"]["desc"]));
1808  if (ilDiskQuotaActivationChecker::_isActive())
1809  {
1810  $this->object->setDiskQuota($_POST["Fobject"]["disk_quota"] * ilFormat::_getSizeMagnitude() * ilFormat::_getSizeMagnitude());
1811  }
1812  }
1813 
1814 
1815 
1816  // ensure that at least one role is available in the new user register form if registration is enabled
1817  if ($_POST["Fobject"]["allow_register"] == "")
1818  {
1819  $roles_allowed = $this->object->_lookupRegisterAllowed();
1820 
1821  if (count($roles_allowed) == 1 and $roles_allowed[0]['id'] == $this->object->getId())
1822  {
1823  $this->ilias->raiseError($this->lng->txt("msg_last_role_for_registration"),$this->ilias->error_obj->MESSAGE);
1824  }
1825  }
1826 
1827  $this->object->setAllowRegister($_POST["Fobject"]["allow_register"]);
1828  $this->object->toggleAssignUsersStatus($_POST["Fobject"]["assign_users"]);
1829  $rbacadmin->setProtected($this->rolf_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST["Fobject"]["protect_permissions"]));
1830  $this->object->update();
1831 
1832  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
1833 
1834  $this->ctrl->redirect($this,'edit');
1835  }
1836 
1837 
1841  function userassignmentObject()
1842  {
1843  global $rbacreview, $rbacsystem, $lng;
1844 
1845  //if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
1846  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1847  {
1848  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1849  }
1850 
1851  $this->tabs_gui->setTabActive('user_assignment');
1852 
1853  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.rbac_ua.html','Services/AccessControl');
1854 
1855  include_once './Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
1856  $tb = new ilToolbarGUI();
1857 
1858  // add member
1859  include_once './Services/Search/classes/class.ilRepositorySearchGUI.php';
1860  ilRepositorySearchGUI::fillAutoCompleteToolbar(
1861  $this,
1862  $tb,
1863  array(
1864  'auto_complete_name' => $lng->txt('user'),
1865  'submit_name' => $lng->txt('add')
1866  )
1867  );
1868 
1869 /* include_once("./Services/Form/classes/class.ilUserLoginAutoCompleteInputGUI.php");
1870  $ul = new ilUserLoginAutoCompleteInputGUI($lng->txt("user"), "user_login", $this, "assignUserAutoComplete");
1871  $ul->setSize(15);
1872  $tb->addInputItem($ul, true);
1873 
1874  // add button
1875  $tb->addFormButton($lng->txt("add"), "assignUser");
1876 */
1877  $tb->addSpacer();
1878 
1879  $tb->addButton(
1880  $this->lng->txt('search_user'),
1881  $this->ctrl->getLinkTargetByClass('ilRepositorySearchGUI','start')
1882  );
1883  $tb->addSpacer();
1884  $tb->addButton(
1885  $this->lng->txt('role_mailto'),
1886  $this->ctrl->getLinkTarget($this,'mailToRole')
1887  );
1888  $this->tpl->setVariable('BUTTONS_UA',$tb->getHTML());
1889 
1890  include_once './Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
1891  $ut = new ilAssignedUsersTableGUI($this,'userassignment',$this->object->getId());
1892 
1893  $this->tpl->setVariable('TABLE_UA',$ut->getHTML());
1894 
1895  return true;
1896 
1897  }
1898 
1899 
1900 
1901  function __showAssignedUsersTable($a_result_set,$a_user_ids = NULL)
1902  {
1903  global $rbacsystem;
1904 
1905  $actions = array("deassignUser" => $this->lng->txt("remove"));
1906 
1907  $tbl =& $this->__initTableGUI();
1908  $tpl =& $tbl->getTemplateObject();
1909 
1910  $this->tpl->addBlockfile("BUTTONS", "buttons", "tpl.buttons.html");
1911 
1912  // display button add user
1913  $this->tpl->setCurrentBlock("btn_cell");
1914  $this->tpl->setVariable("BTN_LINK",$this->ctrl->getLinkTargetByClass('ilRepositorySearchGUI','start'));
1915  $this->tpl->setVariable("BTN_TXT",$this->lng->txt('role_add_user'));
1916  $this->tpl->parseCurrentBlock();
1917 
1918  $this->__showButton('mailToRole',$this->lng->txt('role_mailto'),'_blank');
1919 
1920  $tpl->setCurrentBlock("tbl_form_header");
1921  $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
1922  $tpl->parseCurrentBlock();
1923 
1924  $tpl->setCurrentBlock("tbl_action_row");
1925 
1926  $tpl->setVariable("COLUMN_COUNTS",5);
1927  $tpl->setVariable("IMG_ARROW", ilUtil::getImagePath("arrow_downright.gif"));
1928 
1929  foreach ($actions as $name => $value)
1930  {
1931  $tpl->setCurrentBlock("tbl_action_btn");
1932  $tpl->setVariable("BTN_NAME",$name);
1933  $tpl->setVariable("BTN_VALUE",$value);
1934  $tpl->parseCurrentBlock();
1935  }
1936 
1937  if (!empty($a_user_ids))
1938  {
1939  // set checkbox toggles
1940  $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
1941  $tpl->setVariable("JS_VARNAME","user_id");
1942  $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_user_ids));
1943  $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
1944  $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
1945  $tpl->parseCurrentBlock();
1946  }
1947 
1948  $tpl->setVariable("TPLPATH",$this->tpl->tplPath);
1949  $this->ctrl->setParameter($this,"cmd","userassignment");
1950 
1951  // title & header columns
1952  $tbl->setTitle($this->lng->txt("assigned_users"),"icon_usr.gif",$this->lng->txt("users"));
1953 
1954  //user must be administrator
1955  $tbl->setHeaderNames(array("",$this->lng->txt("username"),$this->lng->txt("firstname"),
1956  $this->lng->txt("lastname"),$this->lng->txt("grp_options")));
1957  $tbl->setHeaderVars(array("","login","firstname","lastname","functions"),
1958  $this->ctrl->getParameterArray($this,"",false));
1959  $tbl->setColumnWidth(array("","20%","25%","25%","30%"));
1960 
1961  $this->__setTableGUIBasicData($tbl,$a_result_set,"userassignment");
1962  $tbl->render();
1963  $this->tpl->setVariable("ADM_CONTENT",$tbl->tpl->get());
1964 
1965  return true;
1966  }
1967 
1968  function &__initTableGUI()
1969  {
1970  include_once "./Services/Table/classes/class.ilTableGUI.php";
1971 
1972  return new ilTableGUI(0,false);
1973  }
1974 
1975  function __setTableGUIBasicData(&$tbl,&$result_set,$from = "")
1976  {
1977  switch($from)
1978  {
1979  case "group":
1980  $order = $_GET["sort_by"] ? $_GET["sort_by"] : "title";
1981  break;
1982 
1983  case "role":
1984  $order = $_GET["sort_by"] ? $_GET["sort_by"] : "title";
1985  break;
1986 
1987  default:
1988  // init sort_by (unfortunatly sort_by is preset with 'title')
1989  if ($_GET["sort_by"] == "title" or empty($_GET["sort_by"]))
1990  {
1991  $_GET["sort_by"] = "login";
1992  }
1993  $order = $_GET["sort_by"];
1994  break;
1995  }
1996 
1997  $tbl->setOrderColumn($order);
1998  $tbl->setOrderDirection($_GET["sort_order"]);
1999  $tbl->setOffset($_GET["offset"]);
2000  $tbl->setLimit($_GET["limit"]);
2001  $tbl->setFooter("tblfooter",$this->lng->txt("previous"),$this->lng->txt("next"));
2002  $tbl->setData($result_set);
2003  }
2004 
2005  function searchUserFormObject()
2006  {
2007  global $rbacsystem;
2008 
2009  //if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
2010  if(!$this->checkAccess('edit_userassignment','edit_permission'))
2011  {
2012  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
2013  }
2014 
2015  $this->lng->loadLanguageModule('search');
2016 
2017  $this->tpl->addBlockFile("ADM_CONTENT","adm_content","tpl.role_users_search.html");
2018 
2019  $this->tpl->setVariable("F_ACTION",$this->ctrl->getFormAction($this));
2020  $this->tpl->setVariable("SEARCH_ASSIGN_USR",$this->lng->txt("role_search_users"));
2021  $this->tpl->setVariable("SEARCH_SEARCH_TERM",$this->lng->txt("search_search_term"));
2022  $this->tpl->setVariable("SEARCH_VALUE",$_SESSION["role_search_str"] ? $_SESSION["role_search_str"] : "");
2023  $this->tpl->setVariable("SEARCH_FOR",$this->lng->txt("exc_search_for"));
2024  $this->tpl->setVariable("SEARCH_ROW_TXT_USER",$this->lng->txt("exc_users"));
2025  $this->tpl->setVariable("SEARCH_ROW_TXT_ROLE",$this->lng->txt("exc_roles"));
2026  $this->tpl->setVariable("SEARCH_ROW_TXT_GROUP",$this->lng->txt("exc_groups"));
2027  $this->tpl->setVariable("BTN2_VALUE",$this->lng->txt("cancel"));
2028  $this->tpl->setVariable("BTN1_VALUE",$this->lng->txt("search"));
2029 
2030  $usr = ($_POST["search_for"] == "usr" || $_POST["search_for"] == "") ? 1 : 0;
2031  $grp = ($_POST["search_for"] == "grp") ? 1 : 0;
2032  $role = ($_POST["search_for"] == "role") ? 1 : 0;
2033 
2034  $this->tpl->setVariable("SEARCH_ROW_CHECK_USER",ilUtil::formRadioButton($usr,"search_for","usr"));
2035  $this->tpl->setVariable("SEARCH_ROW_CHECK_ROLE",ilUtil::formRadioButton($role,"search_for","role"));
2036  $this->tpl->setVariable("SEARCH_ROW_CHECK_GROUP",ilUtil::formRadioButton($grp,"search_for","grp"));
2037 
2038  $this->__unsetSessionVariables();
2039  }
2040 
2041  function __unsetSessionVariables()
2042  {
2043  unset($_SESSION["role_delete_member_ids"]);
2044  unset($_SESSION["role_delete_subscriber_ids"]);
2045  unset($_SESSION["role_search_str"]);
2046  unset($_SESSION["role_search_for"]);
2047  unset($_SESSION["role_role"]);
2048  unset($_SESSION["role_group"]);
2049  unset($_SESSION["role_archives"]);
2050  }
2051 
2056  function cancelObject()
2057  {
2058  if ($_GET["new_type"] != "role")
2059  {
2060  $this->ctrl->redirect($this, "userassignment");
2061  }
2062  else
2063  {
2064  $this->ctrl->redirectByClass("ilobjrolefoldergui","view");
2065  }
2066  }
2067 
2068  function searchObject()
2069  {
2070  global $rbacsystem, $tree;
2071 
2072  #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
2073  if(!$this->checkAccess('edit_userassignment','edit_permission'))
2074  {
2075  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
2076  }
2077 
2078  $_SESSION["role_search_str"] = $_POST["search_str"] = $_POST["search_str"] ? $_POST["search_str"] : $_SESSION["role_search_str"];
2079  $_SESSION["role_search_for"] = $_POST["search_for"] = $_POST["search_for"] ? $_POST["search_for"] : $_SESSION["role_search_for"];
2080 
2081  if (!isset($_POST["search_for"]) or !isset($_POST["search_str"]))
2082  {
2083  ilUtil::sendFailure($this->lng->txt("role_search_enter_search_string"));
2084  $this->searchUserFormObject();
2085 
2086  return false;
2087  }
2088 
2089  if (!count($result = $this->__search(ilUtil::stripSlashes($_POST["search_str"]),$_POST["search_for"])))
2090  {
2091  ilUtil::sendInfo($this->lng->txt("role_no_results_found"));
2092  $this->searchUserFormObject();
2093 
2094  return false;
2095  }
2096 
2097  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
2098  $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
2099 
2100  $counter = 0;
2101  $f_result = array();
2102 
2103  switch($_POST["search_for"])
2104  {
2105  case "usr":
2106  foreach($result as $user)
2107  {
2108  if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user["id"],false))
2109  {
2110  continue;
2111  }
2112 
2113  $user_ids[$counter] = $user["id"];
2114 
2115  $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user["id"]);
2116  $f_result[$counter][] = $tmp_obj->getLogin();
2117  $f_result[$counter][] = $tmp_obj->getFirstname();
2118  $f_result[$counter][] = $tmp_obj->getLastname();
2119 
2120  unset($tmp_obj);
2121  ++$counter;
2122  }
2123  $this->__showSearchUserTable($f_result,$user_ids);
2124 
2125  return true;
2126 
2127  case "role":
2128  foreach($result as $role)
2129  {
2130  // exclude anonymous role
2131  if ($role["id"] == ANONYMOUS_ROLE_ID)
2132  {
2133  continue;
2134  }
2135 
2136  if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($role["id"],false))
2137  {
2138  continue;
2139  }
2140 
2141  // exclude roles with no users assigned to
2142  if ($tmp_obj->getCountMembers() == 0)
2143  {
2144  continue;
2145  }
2146 
2147  $role_ids[$counter] = $role["id"];
2148 
2149  $f_result[$counter][] = ilUtil::formCheckbox(0,"role[]",$role["id"]);
2150  $f_result[$counter][] = array($tmp_obj->getTitle(),$tmp_obj->getDescription());
2151  $f_result[$counter][] = $tmp_obj->getCountMembers();
2152 
2153  unset($tmp_obj);
2154  ++$counter;
2155  }
2156 
2157  $this->__showSearchRoleTable($f_result,$role_ids);
2158 
2159  return true;
2160 
2161  case "grp":
2162  foreach($result as $group)
2163  {
2164  if(!$tree->isInTree($group["id"]))
2165  {
2166  continue;
2167  }
2168 
2169  if(!$tmp_obj = ilObjectFactory::getInstanceByRefId($group["id"],false))
2170  {
2171  continue;
2172  }
2173 
2174  // exclude myself :-)
2175  if ($tmp_obj->getId() == $this->object->getId())
2176  {
2177  continue;
2178  }
2179 
2180  $grp_ids[$counter] = $group["id"];
2181 
2182  $f_result[$counter][] = ilUtil::formCheckbox(0,"group[]",$group["id"]);
2183  $f_result[$counter][] = array($tmp_obj->getTitle(),$tmp_obj->getDescription());
2184  $f_result[$counter][] = $tmp_obj->getCountMembers();
2185 
2186  unset($tmp_obj);
2187  ++$counter;
2188  }
2189  $this->__showSearchGroupTable($f_result,$grp_ids);
2190 
2191  return true;
2192  }
2193  }
2194 
2195  function __search($a_search_string,$a_search_for)
2196  {
2197  include_once("./classes/class.ilSearch.php");
2198 
2199  $this->lng->loadLanguageModule("content");
2200  $search =& new ilSearch($_SESSION["AccountId"]);
2201  $search->setPerformUpdate(false);
2202  $search->setSearchString(ilUtil::stripSlashes($a_search_string));
2203  $search->setCombination("and");
2204  $search->setSearchFor(array(0 => $a_search_for));
2205  $search->setSearchType('new');
2206 
2207  if ($search->validate($message))
2208  {
2209  $search->performSearch();
2210  }
2211  else
2212  {
2213  ilUtil::sendInfo($message,true);
2214  $this->ctrl->redirect($this,"searchUserForm");
2215  }
2216 
2217  return $search->getResultByType($a_search_for);
2218  }
2219 
2220  function __showSearchUserTable($a_result_set,$a_user_ids = NULL,$a_cmd = "search")
2221  {
2222  $return_to = "searchUserForm";
2223 
2224  if ($a_cmd == "listUsersRole" or $a_cmd == "listUsersGroup")
2225  {
2226  $return_to = "search";
2227  }
2228 
2229  $tbl =& $this->__initTableGUI();
2230  $tpl =& $tbl->getTemplateObject();
2231 
2232  // SET FORMACTION
2233  $tpl->setCurrentBlock("tbl_form_header");
2234  $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
2235  $tpl->parseCurrentBlock();
2236 
2237  $tpl->setCurrentBlock("tbl_action_btn");
2238  $tpl->setVariable("BTN_NAME",$return_to);
2239  $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
2240  $tpl->parseCurrentBlock();
2241 
2242  $tpl->setCurrentBlock("tbl_action_btn");
2243  $tpl->setVariable("BTN_NAME","assignUser");
2244  $tpl->setVariable("BTN_VALUE",$this->lng->txt("add"));
2245  $tpl->parseCurrentBlock();
2246 
2247  if (!empty($a_user_ids))
2248  {
2249  // set checkbox toggles
2250  $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
2251  $tpl->setVariable("JS_VARNAME","user");
2252  $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_user_ids));
2253  $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
2254  $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
2255  $tpl->parseCurrentBlock();
2256  }
2257 
2258  $tpl->setCurrentBlock("tbl_action_row");
2259  $tpl->setVariable("COLUMN_COUNTS",4);
2260  $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
2261  $tpl->parseCurrentBlock();
2262 
2263  $tbl->setTitle($this->lng->txt("role_header_edit_users"),"icon_usr.gif",$this->lng->txt("role_header_edit_users"));
2264  $tbl->setHeaderNames(array("",
2265  $this->lng->txt("username"),
2266  $this->lng->txt("firstname"),
2267  $this->lng->txt("lastname")));
2268  $tbl->setHeaderVars(array("",
2269  "login",
2270  "firstname",
2271  "lastname"),
2272  $this->ctrl->getParameterArray($this,$a_cmd,false));
2273  //array("ref_id" => $this->rolf_ref_id,
2274  // "obj_id" => $this->object->getId(),
2275  // "cmd" => $a_cmd,
2276  //"cmdClass" => "ilobjrolegui",
2277  // "cmdNode" => $_GET["cmdNode"]));
2278 
2279  $tbl->setColumnWidth(array("","33%","33%","33%"));
2280 
2281  $this->__setTableGUIBasicData($tbl,$a_result_set);
2282  $tbl->render();
2283 
2284  $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
2285 
2286  return true;
2287  }
2288 
2289  function __showSearchRoleTable($a_result_set,$a_role_ids = NULL)
2290  {
2291  $tbl =& $this->__initTableGUI();
2292  $tpl =& $tbl->getTemplateObject();
2293 
2294  $tpl->setCurrentBlock("tbl_form_header");
2295  $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
2296  $tpl->parseCurrentBlock();
2297 
2298  $tpl->setCurrentBlock("tbl_action_btn");
2299  $tpl->setVariable("BTN_NAME","searchUserForm");
2300  $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
2301  $tpl->parseCurrentBlock();
2302 
2303  $tpl->setCurrentBlock("tbl_action_btn");
2304  $tpl->setVariable("BTN_NAME","listUsersRole");
2305  $tpl->setVariable("BTN_VALUE",$this->lng->txt("role_list_users"));
2306  $tpl->parseCurrentBlock();
2307 
2308  if (!empty($a_role_ids))
2309  {
2310  // set checkbox toggles
2311  $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
2312  $tpl->setVariable("JS_VARNAME","role");
2313  $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_role_ids));
2314  $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
2315  $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
2316  $tpl->parseCurrentBlock();
2317  }
2318 
2319  $tpl->setCurrentBlock("tbl_action_row");
2320  $tpl->setVariable("COLUMN_COUNTS",4);
2321  $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
2322  $tpl->parseCurrentBlock();
2323 
2324  $tbl->setTitle($this->lng->txt("role_header_edit_users"),"icon_usr.gif",$this->lng->txt("role_header_edit_users"));
2325  $tbl->setHeaderNames(array("",
2326  $this->lng->txt("obj_role"),
2327  $this->lng->txt("role_count_users")));
2328  $tbl->setHeaderVars(array("",
2329  "title",
2330  "nr_members"),
2331  $this->ctrl->getParameterArray($this,"search",false));
2332  //array("ref_id" => $this->rolf_ref_id,
2333  //"obj_id" => $this->object->getId(),
2334  //"cmd" => "search",
2335  //"cmdClass" => "ilobjrolegui",
2336  //"cmdNode" => $_GET["cmdNode"]));
2337 
2338  $tbl->setColumnWidth(array("","80%","19%"));
2339 
2340 
2341  $this->__setTableGUIBasicData($tbl,$a_result_set,"role");
2342  $tbl->render();
2343 
2344  $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
2345 
2346  return true;
2347  }
2348 
2349  function __showSearchGroupTable($a_result_set,$a_grp_ids = NULL)
2350  {
2351  $tbl =& $this->__initTableGUI();
2352  $tpl =& $tbl->getTemplateObject();
2353 
2354  $tpl->setCurrentBlock("tbl_form_header");
2355  $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
2356  $tpl->parseCurrentBlock();
2357 
2358  $tpl->setCurrentBlock("tbl_action_btn");
2359  $tpl->setVariable("BTN_NAME","searchUserForm");
2360  $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
2361  $tpl->parseCurrentBlock();
2362 
2363  $tpl->setCurrentBlock("tbl_action_btn");
2364  $tpl->setVariable("BTN_NAME","listUsersGroup");
2365  $tpl->setVariable("BTN_VALUE",$this->lng->txt("grp_list_users"));
2366  $tpl->parseCurrentBlock();
2367 
2368  if (!empty($a_grp_ids))
2369  {
2370  // set checkbox toggles
2371  $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
2372  $tpl->setVariable("JS_VARNAME","group");
2373  $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_grp_ids));
2374  $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
2375  $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
2376  $tpl->parseCurrentBlock();
2377  }
2378 
2379  $tpl->setCurrentBlock("tbl_action_row");
2380  $tpl->setVariable("COLUMN_COUNTS",4);
2381  $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
2382  $tpl->parseCurrentBlock();
2383 
2384  $tbl->setTitle($this->lng->txt("grp_header_edit_members"),"icon_usr.gif",$this->lng->txt("grp_header_edit_members"));
2385  $tbl->setHeaderNames(array("",
2386  $this->lng->txt("obj_grp"),
2387  $this->lng->txt("grp_count_members")));
2388  $tbl->setHeaderVars(array("",
2389  "title",
2390  "nr_members"),
2391  array("ref_id" => $this->rolf_ref_id,
2392  "obj_id" => $this->object->getId(),
2393  "cmd" => "search",
2394  "cmdClass" => "ilobjrolegui",
2395  "cmdNode" => $_GET["cmdNode"]));
2396 
2397  $tbl->setColumnWidth(array("","80%","19%"));
2398 
2399 
2400  $this->__setTableGUIBasicData($tbl,$a_result_set,"group");
2401  $tbl->render();
2402 
2403  $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
2404 
2405  return true;
2406  }
2407 
2408  function listUsersRoleObject()
2409  {
2410  global $rbacsystem,$rbacreview;
2411 
2412  $_SESSION["role_role"] = $_POST["role"] = $_POST["role"] ? $_POST["role"] : $_SESSION["role_role"];
2413 
2414  if (!is_array($_POST["role"]))
2415  {
2416  ilUtil::sendFailure($this->lng->txt("role_no_roles_selected"));
2417  $this->searchObject();
2418 
2419  return false;
2420  }
2421 
2422  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
2423  $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
2424 
2425  // GET ALL MEMBERS
2426  $members = array();
2427 
2428  foreach ($_POST["role"] as $role_id)
2429  {
2430  $members = array_merge($rbacreview->assignedUsers($role_id),$members);
2431  }
2432 
2433  $members = array_unique($members);
2434 
2435  // FORMAT USER DATA
2436  $counter = 0;
2437  $f_result = array();
2438 
2439  foreach($members as $user)
2440  {
2441  if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
2442  {
2443  continue;
2444  }
2445 
2446  $user_ids[$counter] = $user;
2447 
2448  // TODO: exclude anonymous user
2449  $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
2450  $f_result[$counter][] = $tmp_obj->getLogin();
2451  $f_result[$counter][] = $tmp_obj->getFirstname();
2452  $f_result[$counter][] = $tmp_obj->getLastname();
2453 
2454  unset($tmp_obj);
2455  ++$counter;
2456  }
2457 
2458  $this->__showSearchUserTable($f_result,$user_ids,"listUsersRole");
2459 
2460  return true;
2461  }
2462 
2463  function listUsersGroupObject()
2464  {
2465  global $rbacsystem,$rbacreview,$tree;
2466 
2467  $_SESSION["role_group"] = $_POST["group"] = $_POST["group"] ? $_POST["group"] : $_SESSION["role_group"];
2468 
2469  if (!is_array($_POST["group"]))
2470  {
2471  ilUtil::sendFailure($this->lng->txt("role_no_groups_selected"));
2472  $this->searchObject();
2473 
2474  return false;
2475  }
2476 
2477  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
2478  $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
2479 
2480  // GET ALL MEMBERS
2481  $members = array();
2482 
2483  foreach ($_POST["group"] as $group_id)
2484  {
2485  if (!$tree->isInTree($group_id))
2486  {
2487  continue;
2488  }
2489  if (!$tmp_obj = ilObjectFactory::getInstanceByRefId($group_id))
2490  {
2491  continue;
2492  }
2493 
2494  $members = array_merge($tmp_obj->getGroupMemberIds(),$members);
2495 
2496  unset($tmp_obj);
2497  }
2498 
2499  $members = array_unique($members);
2500 
2501  // FORMAT USER DATA
2502  $counter = 0;
2503  $f_result = array();
2504 
2505  foreach($members as $user)
2506  {
2507  if (!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
2508  {
2509  continue;
2510  }
2511 
2512  $user_ids[$counter] = $user;
2513 
2514  $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
2515  $f_result[$counter][] = $tmp_obj->getLogin();
2516  $f_result[$counter][] = $tmp_obj->getFirstname();
2517  $f_result[$counter][] = $tmp_obj->getLastname();
2518 
2519  unset($tmp_obj);
2520  ++$counter;
2521  }
2522 
2523  $this->__showSearchUserTable($f_result,$user_ids,"listUsersGroup");
2524 
2525  return true;
2526  }
2527 
2528 
2529  function __formatPath($a_path_arr)
2530  {
2531  $counter = 0;
2532 
2533  foreach ($a_path_arr as $data)
2534  {
2535  if ($counter++)
2536  {
2537  $path .= " -> ";
2538  }
2539 
2540  $path .= $data['title'];
2541  }
2542 
2543  if (strlen($path) > 50)
2544  {
2545  return '...'.substr($path,-50);
2546  }
2547 
2548  return $path;
2549  }
2550 
2551  function __prepareOutput()
2552  {
2553  // output objects
2554  //$this->tpl->addBlockFile("CONTENT", "content", "tpl.role.html");
2555  $this->tpl->addBlockFile("CONTENT", "content", "tpl.adm_content.html");
2556  $this->tpl->addBlockFile("STATUSLINE", "statusline", "tpl.statusline.html");
2557 
2558  // output locator
2559  //$this->__setLocator();
2560 
2561  // output message
2562  if ($this->message)
2563  {
2564  ilUtil::sendInfo($this->message);
2565  }
2566 
2567  // display infopanel if something happened
2568  ilUtil::infoPanel();
2569 
2570  // set header
2571  $this->__setHeader();
2572  }
2573 
2574  function __setHeader()
2575  {
2576  include_once './classes/class.ilTabsGUI.php';
2577 
2578  $this->tpl->setTitle($this->lng->txt('role'));
2579  $this->tpl->setDescription($this->object->getTitle());
2580  $this->tpl->setTitleIcon(ilUtil::getImagePath("icon_role.gif"));
2581 
2582  #$tabs_gui =& new ilTabsGUI();
2583  $this->getTabs($this->tabs_gui);
2584 
2585  // output tabs
2586  #$this->tpl->setVariable("TABS", $tabs_gui->getHTML());
2587  }
2588 
2589  function __setLocator()
2590  {
2591  global $tree, $ilias_locator;
2592 
2593  return;
2594 
2595  $this->tpl->addBlockFile("LOCATOR", "locator", "tpl.locator.html", "Services/Locator");
2596 
2597  $counter = 0;
2598 
2599  foreach ($tree->getPathFull($this->rolf_ref_id) as $key => $row)
2600  {
2601  if ($counter++)
2602  {
2603  $this->tpl->touchBlock('locator_separator_prefix');
2604  }
2605 
2606  $this->tpl->setCurrentBlock("locator_item");
2607 
2608  if ($row["type"] == 'rolf')
2609  {
2610  $this->tpl->setVariable("ITEM",$this->object->getTitle());
2611  $this->tpl->setVariable("LINK_ITEM",$this->ctrl->getLinkTarget($this));
2612  }
2613  elseif ($row["child"] != $tree->getRootId())
2614  {
2615  $this->tpl->setVariable("ITEM", $row["title"]);
2616  $this->tpl->setVariable("LINK_ITEM","repository.php?ref_id=".$row["child"]);
2617  }
2618  else
2619  {
2620  $this->tpl->setVariable("ITEM", $this->lng->txt("repository"));
2621  $this->tpl->setVariable("LINK_ITEM","repository.php?ref_id=".$row["child"]);
2622  }
2623 
2624  $this->tpl->parseCurrentBlock();
2625  }
2626 
2627  $this->tpl->setVariable("TXT_LOCATOR",$this->lng->txt("locator"));
2628  $this->tpl->parseCurrentBlock();
2629  }
2630 
2635  function addAdminLocatorItems()
2636  {
2637  global $ilLocator;
2638 
2639  if ($_GET["admin_mode"] == "settings"
2640  && $_GET["ref_id"] == ROLE_FOLDER_ID) // system settings
2641  {
2642  $ilLocator->addItem($this->lng->txt("administration"),
2643  $this->ctrl->getLinkTargetByClass("iladministrationgui", "frameset"),
2644  ilFrameTargetInfo::_getFrame("MainContent"));
2645 
2646  $ilLocator->addItem($this->lng->txt("obj_".ilObject::_lookupType(
2647  ilObject::_lookupObjId($_GET["ref_id"]))),
2648  $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
2649 
2650  if ($_GET["obj_id"] > 0)
2651  {
2652  $ilLocator->addItem($this->object->getTitle(),
2653  $this->ctrl->getLinkTarget($this, "view"));
2654  }
2655  }
2656  else // repository administration
2657  {
2658  // ?
2659  }
2660  }
2661 
2662  function showUpperIcon()
2663  {
2664  global $tree, $tpl, $objDefinition;
2665 
2666  return parent::showUpperIcon();
2667 
2668  if (strtolower($_GET["baseClass"]) == "iladministrationgui")
2669  {
2670  if ($_GET["admin_mode"] == "settings"
2671  && $_GET["ref_id"] != SYSTEM_FOLDER_ID)
2672  {
2673  $tpl->setUpperIcon(
2674  $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
2675  }
2676  }
2677  else
2678  {
2679  if ($this->object->getRefId() != ROOT_FOLDER_ID &&
2680  $this->object->getRefId() != SYSTEM_FOLDER_ID)
2681  {
2682  $par_id = $tree->getParentId($this->object->getRefId());
2683  $tpl->setUpperIcon("repository.php?ref_id=".$par_id);
2684  }
2685  }
2686  }
2687 
2688 
2689 
2690  function getTabs(&$tabs_gui)
2691  {
2692  global $rbacsystem,$rbacreview;
2693 
2694  $base_role_folder = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
2695 
2696 //var_dump($base_role_folder);
2697 //echo "-".$this->rolf_ref_id."-";
2698 
2699  $activate_role_edit = false;
2700 
2701  // todo: activate the following (allow editing of local roles in
2702  // roles administration)
2703  //if (in_array($this->rolf_ref_id,$base_role_folder))
2704  if (in_array($this->rolf_ref_id,$base_role_folder) ||
2705  (strtolower($_GET["baseClass"]) == "iladministrationgui" &&
2706  $_GET["admin_mode"] == "settings"))
2707  {
2708  $activate_role_edit = true;
2709  }
2710 
2711  // not so nice (workaround for using tabs in repository)
2712  $tabs_gui->clearTargets();
2713 
2714  if ($this->back_target != "")
2715  {
2716  $tabs_gui->setBackTarget(
2717  $this->back_target["text"],$this->back_target["link"]);
2718  }
2719 
2720  if($this->checkAccess('write','edit_permission') && $activate_role_edit)
2721  {
2722  $tabs_gui->addTarget("edit_properties",
2723  $this->ctrl->getLinkTarget($this, "edit"), array("edit","update"), get_class($this));
2724  }
2725 /*
2726  if($this->checkAccess('write','edit_permission') and $this->showDefaultPermissionSettings())
2727  {
2728  $force_active = ($_GET["cmd"] == "perm" || $_GET["cmd"] == "")
2729  ? true
2730  : false;
2731  $tabs_gui->addTarget("default_perm_settings",
2732  $this->ctrl->getLinkTarget($this, "perm"), array("perm", "adoptPermSave", "permSave"),
2733  get_class($this),
2734  "", $force_active);
2735  }
2736 */
2737  if($this->checkAccess('write','edit_permission') and $this->showDefaultPermissionSettings())
2738  {
2739  $tabs_gui->addTarget(
2740  "default_perm_settings",
2741  $this->ctrl->getLinkTarget($this, "perm"), array(),get_class($this)
2742  );
2743  }
2744 
2745  if($this->checkAccess('write','edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
2746  {
2747  $tabs_gui->addTarget("user_assignment",
2748  $this->ctrl->getLinkTarget($this, "userassignment"),
2749  array("deassignUser", "userassignment", "assignUser", "searchUserForm", "search"),
2750  get_class($this));
2751  }
2752 
2753  if($this->checkAccess('write','edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
2754  {
2755  $tabs_gui->addTarget("desktop_items",
2756  $this->ctrl->getLinkTarget($this, "listDesktopItems"),
2757  array("listDesktopItems", "deleteDesktopItems", "selectDesktopItem", "askDeleteDesktopItem"),
2758  get_class($this));
2759  }
2760  }
2761 
2762  function mailToRoleObject()
2763  {
2764  global $rbacreview;
2765 
2766  $obj_ids = ilObject::_getIdsForTitle($this->object->getTitle(), $this->object->getType());
2767  if(count($obj_ids) > 1)
2768  {
2769  $_SESSION['mail_roles'][] = '#il_role_'.$this->object->getId();
2770  }
2771  else
2772  {
2773  $_SESSION['mail_roles'][] = $rbacreview->getRoleMailboxAddress($this->object->getId());
2774  }
2775 
2776  require_once 'Services/Mail/classes/class.ilMailFormCall.php';
2777  $script = ilMailFormCall::_getRedirectTarget($this, 'userassignment', array(), array('type' => 'role'));
2778  ilUtil::redirect($script);
2779  }
2780 
2781  function checkAccess($a_perm_global,$a_perm_obj = '')
2782  {
2783  global $rbacsystem,$ilAccess;
2784 
2785  $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
2786 
2787  if($this->rolf_ref_id == ROLE_FOLDER_ID)
2788  {
2789  return $rbacsystem->checkAccess($a_perm_global,$this->rolf_ref_id);
2790  }
2791  else
2792  {
2793  return $ilAccess->checkAccess($a_perm_obj,'',$this->obj_ref_id);
2794  }
2795  }
2796 
2801  protected function isChangeExistingObjectsConfirmationRequired()
2802  {
2803  global $rbacreview;
2804 
2805  if(!(int) $_POST['recursive'] and !is_array($_POST['recursive_list']))
2806  {
2807  return false;
2808  }
2809 
2810  // Role is protected
2811  if($rbacreview->isProtected($this->rolf_ref_id, $this->object->getId()))
2812  {
2813  // TODO: check if recursive_list is enabled
2814  // and if yes: check if inheritance is broken for the relevant object types
2815  return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
2816  }
2817  else
2818  {
2819  // TODO: check if recursive_list is enabled
2820  // and if yes: check if inheritance is broken for the relevant object types
2821  return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
2822  }
2823  }
2824 
2829  protected function showChangeExistingObjectsConfirmation()
2830  {
2831  $protected = $_POST['protected'];
2832 
2833  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
2834  $form = new ilPropertyFormGUI();
2835  $form->setFormAction($this->ctrl->getFormAction($this,'changeExistingObjects'));
2836  $form->setTitle($this->lng->txt('rbac_change_existing_confirm_tbl'));
2837 
2838  $form->addCommandButton('changeExistingObjects', $this->lng->txt('change_existing_objects'));
2839  $form->addCommandButton('perm',$this->lng->txt('cancel'));
2840 
2841  $hidden = new ilHiddenInputGUI('type_filter');
2842  $hidden->setValue(
2843  $_POST['recursive'] ?
2844  serialize(array('all')) :
2845  serialize($_POST['recursive_list'])
2846  );
2847  $form->addItem($hidden);
2848 
2849  $rad = new ilRadioGroupInputGUI($this->lng->txt('rbac_local_policies'),'mode');
2850 
2851  if($protected)
2852  {
2853  $rad->setValue(ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES);
2854  $keep = new ilRadioOption(
2855  $this->lng->txt('rbac_keep_local_policies'),
2856  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
2857  $this->lng->txt('rbac_keep_local_policies_info')
2858  );
2859  }
2860  else
2861  {
2862  $rad->setValue(ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES);
2863  $keep = new ilRadioOption(
2864  $this->lng->txt('rbac_keep_local_policies'),
2865  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
2866  $this->lng->txt('rbac_unprotected_keep_local_policies_info')
2867  );
2868 
2869  }
2870  $rad->addOption($keep);
2871 
2872  if($protected)
2873  {
2874  $del = new ilRadioOption(
2875  $this->lng->txt('rbac_delete_local_policies'),
2876  ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES,
2877  $this->lng->txt('rbac_delete_local_policies_info')
2878  );
2879  }
2880  else
2881  {
2882  $del = new ilRadioOption(
2883  $this->lng->txt('rbac_delete_local_policies'),
2884  ilObjRole::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES,
2885  $this->lng->txt('rbac_unprotected_delete_local_policies_info')
2886  );
2887  }
2888  $rad->addOption($del);
2889 
2890  $form->addItem($rad);
2891  $this->tpl->setContent($form->getHTML());
2892  }
2893 
2898  protected function changeExistingObjectsObject()
2899  {
2900  global $tree,$rbacreview,$rbacadmin;
2901 
2902  $mode = (int) $_POST['mode'];
2903  $start = ($this->rolf_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $tree->getParentId($this->rolf_ref_id));
2904  $this->object->changeExistingObjects($start,$mode,unserialize(ilUtil::stripSlashes($_POST['type_filter'])));
2905 
2906  ilUtil::sendSuccess($this->lng->txt('settings_saved'),true);
2907  $this->ctrl->redirect($this,'perm');
2908  }
2909 
2915  protected function setSubTabs($a_tab)
2916  {
2917  global $ilTabs;
2918 
2919  switch($a_tab)
2920  {
2921  case 'default_perm_settings':
2922  if($this->rolf_ref_id != ROLE_FOLDER_ID)
2923  {
2924  return true;
2925  }
2926  $ilTabs->addSubTabTarget(
2927  'rbac_repository_permissions',
2928  $this->ctrl->getLinkTarget($this,'perm')
2929  );
2930  $ilTabs->addSubTabTarget(
2931  'rbac_admin_permissions',
2932  $this->ctrl->getLinkTarget($this,'adminPerm')
2933  );
2934  }
2935  return true;
2936  }
2937 
2938 
2939 } // END class.ilObjRoleGUI
2940 ?>