ILIAS  Release_4_2_x_branch Revision 61807
 All Data Structures Namespaces Files Functions Variables Groups Pages
ilObjRole Class Reference

Class ilObjRole. More...

+ Inheritance diagram for ilObjRole:
+ Collaboration diagram for ilObjRole:

Public Member Functions

 ilObjRole ($a_id=0, $a_call_by_reference=false)
 Constructor public.
 validate ()
 Validate role data.
 getPresentationTitle ()
 return translated title for autogenerated roles
 toggleAssignUsersStatus ($a_assign_users)
 getAssignUsersStatus ()
 _getAssignUsersStatus ($a_role_id)
 read ()
 loads "role" from database private
 assignData ($a_data)
 loads a record "role" from array public
 update ()
 updates a record "role" and write it into database public
 create ()
 create
 setAllowRegister ($a_allow_register)
 set allow_register of role
 getAllowRegister ()
 get allow_register
 setDiskQuota ($a_disk_quota)
 Sets the minimal disk quota imposed by this role.
 getDiskQuota ()
 Gets the minimal disk quota imposed by this role.
 _lookupRegisterAllowed ()
 get all roles that are activated in user registration
 _lookupAllowRegister ($a_role_id)
 check whether role is allowed in user registration or not
 setParent ($a_parent_ref)
 set reference id of parent object this is neccessary for non RBAC protected objects!!!
 getParent ()
 get reference id of parent object
 delete ()
 delete role and all related data
 getCountMembers ()
 _getTranslation ($a_role_title)
 _updateAuthMode ($a_roles)
 _getAuthMode ($a_role_id)
 __getPermissionDefinitions ()
 isDeletable ($a_role_folder_id)
 Check whether a role is deletable (non autogenereated role and defined) at this position Does not perform permission checks.
 changeExistingObjects ($a_start_node, $a_mode, $a_filter, $a_exclusion_filter=array())
 Change existing objects.
- Public Member Functions inherited from ilObject
 ilObject ($a_id=0, $a_reference=true)
 Constructor public.
 withReferences ()
 determines wehter objects are referenced or not (got ref ids or not)
 read ($a_force_db=false)
 read object data from db into object
 getId ()
 get object id public
 setId ($a_id)
 set object id public
 setRefId ($a_id)
 set reference id public
 getRefId ()
 get reference id public
 getType ()
 get object type public
 setType ($a_type)
 set object type public
 getTitle ()
 get object title public
 getUntranslatedTitle ()
 get untranslated object title public
 setTitle ($a_title)
 set object title
 getDescription ()
 get object description
 setDescription ($a_desc)
 set object description
 getLongDescription ()
 get object long description (stored in object_description)
 getImportId ()
 get import id
 setImportId ($a_import_id)
 set import id
 getOwner ()
 get object owner
 getOwnerName ()
 _lookupOwnerName ($a_owner_id)
 lookup owner name for owner id
 setOwner ($a_owner)
 set object owner
 getCreateDate ()
 get create date public
 getLastUpdateDate ()
 get last update date public
 getDiskUsage ()
 Gets the disk usage of the object in bytes.
 setObjDataRecord ($a_record)
 set object_data record (note: this method should only be called from the ilObjectFactory class)
 MDUpdateListener ($a_element)
 Meta data update listener.
 createMetaData ()
 create meta data entry
 updateMetaData ()
 update meta data entry
 deleteMetaData ()
 delete meta data entry
 updateOwner ()
 update owner of object in db
 _getIdForImportId ($a_import_id)
 get current object id for import id (static)
 _lookupOwner ($a_id)
 lookup object owner
 _lookupLastUpdate ($a_id, $a_as_string=false)
 lookup last update
 _getLastUpdateOfObjects ($a_objs)
 Get last update for a set of media objects.
 _setDeletedDate ($a_ref_id)
 only called in ilTree::saveSubTree
 _resetDeletedDate ($a_ref_id)
 only called in ilObjectGUI::insertSavedNodes
 _lookupDeletedDate ($a_ref_id)
 only called in ilObjectGUI::insertSavedNodes
 _writeTitle ($a_obj_id, $a_title)
 write title to db (static)
 _writeDescription ($a_obj_id, $a_desc)
 write description to db (static)
 _writeImportId ($a_obj_id, $a_import_id)
 write import id to db (static)
 _isInTrash ($a_ref_id)
 checks wether object is in trash
 _hasUntrashedReference ($a_obj_id)
 checks wether an object has at least one reference that is not in trash
 _lookupObjectId ($a_ref_id)
 lookup object id
 _getObjectsDataForType ($a_type, $a_omit_trash=false)
 get all objects of a certain type
 putInTree ($a_parent_ref)
 maybe this method should be in tree object!?
 setPermissions ($a_parent_ref)
 set permissions of object
 createReference ()
 creates reference for object
 countReferences ()
 count references of object
 initDefaultRoles ()
 init default roles settings Purpose of this function is to create a local role folder and local roles, that are needed depending on the object type If you want to setup default local roles you MUST overwrite this method in derived object classes (see ilObjForum for an example) public
 createRoleFolder ()
 creates a local role folder
 applyDidacticTemplate ($a_tpl_id)
 Apply template.
 notify ($a_event, $a_ref_id, $a_parent_non_rbac_id, $a_node_id, $a_params=0)
 notifys an object about an event occured Based on the event passed, each object may decide how it reacts.
 setRegisterMode ($a_bool)
 isUserRegistered ($a_user_id=0)
 requireRegistration ()
 getXMLZip ()
 getHTMLDirectory ()
 cloneObject ($a_target_id, $a_copy_id=0, $a_omit_tree=false)
 Clone object permissions, put in tree ...
 appendCopyInfo ($a_target_id, $a_copy_id)
 Prepend Copy info if object with same name exists in that container.
 cloneDependencies ($a_target_id, $a_copy_id)
 Clone object dependencies.
 cloneMetaData ($target_obj)
 Copy meta data.

Static Public Member Functions

static _getRolesByAuthMode ($a_auth_mode)
 Get roles by auth mode.
static _resetAuthMode ($a_auth_mode)
 Reset auth mode to default.
static isAutoGenerated ($a_role_id)
- Static Public Member Functions inherited from ilObject
static _lookupObjIdByImportId ($a_import_id)
static _getAllReferences ($a_id)
 get all reference ids of object
static _lookupTitle ($a_id)
 lookup object title
static _getIdsForTitle ($title, $type= '', $partialmatch=false)
static _lookupDescription ($a_id)
 lookup object description
static _lookupObjId ($a_id)
static _lookupType ($a_id, $a_reference=false)
 lookup object type
 _exists ($a_id, $a_reference=false)
 checks if an object exists in object_data
static _getObjectsByType ($a_obj_type="", $a_owner="")
 Get objects by type.
static _prepareCloneSelection ($a_ref_ids, $new_type, $show_path=true)
 Prepare copy wizard object selection.
static _getIcon ($a_obj_id="", $a_size="big", $a_type="", $a_offline=false)
 Get icon for repository item.
static collectDeletionDependencies (&$deps, $a_ref_id, $a_obj_id, $a_type, $a_depth=0)
 Collect deletion dependencies.
static getDeletionDependencies ($a_obj_id)
 Get deletion dependencies.

Data Fields

const MODE_PROTECTED_DELETE_LOCAL_POLICIES = 1
const MODE_PROTECTED_KEEP_LOCAL_POLICIES = 2
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES = 3
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES = 4
 $parent
 $allow_register
 $assign_users
 $disk_quota
 The disk quota in bytes.
- Data Fields inherited from ilObject
const TITLE_LENGTH = 128
 max length of object title
 $ilias
 $lng
 $id
 $ref_id
 $type
 $title
 $untranslatedTitle
 $desc
 $long_desc
 $owner
 $create_date
 $last_update
 $import_id
 $register = false
 $referenced
 $objectList
 $max_title
 $max_desc
 $add_dots
 $obj_data_record
 object_data record

Protected Member Functions

 deleteLocalPolicies ($a_start, $a_policies, $a_filter)
 Delete local policies.
 adjustPermissions ($a_mode, $a_nodes, $a_policies, $a_filter, $a_exclusion_filter=array())
 Adjust permissions.
 isHandledObjectType ($a_filter, $a_exclusion_filter, $a_type)
 Check if type is filterer.
 updateOperationStack (&$a_stack, $a_node)
 Update operation stack.
 initOperationStack (&$a_stack, $a_node)
 Init operation stack $rbacreview.
 updatePolicyStack (&$a_stack, $a_node)
 Update policy stack.
 initPolicyStack (&$a_stack, $a_node)
 Init policy stack <type> $rbacreview.
 createPermissionIntersection ($policy_stack, $a_current_ops, $a_id, $a_type)
 Create course group permission intersection.

Detailed Description

Class ilObjRole.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
Id:
class.ilObjRole.php 33142 2012-02-13 09:27:37Z smeyer

Definition at line 15 of file class.ilObjRole.php.

Member Function Documentation

ilObjRole::__getPermissionDefinitions ( )

Definition at line 535 of file class.ilObjRole.php.

References $ilDB, ilObject\$lng, and ilPlugin\lookupTxt().

{
global $ilDB, $lng, $objDefinition,$rbacreview;
$operation_info = $rbacreview->getOperationAssignment();
foreach($operation_info as $info)
{
if($objDefinition->getDevMode($info['type']))
{
continue;
}
$rbac_objects[$info['typ_id']] = array("obj_id" => $info['typ_id'],
"type" => $info['type']);
// handle plugin permission texts
$txt = $objDefinition->isPlugin($info['type'])
? ilPlugin::lookupTxt("rep_robj", $info['type'], $info['type']."_".$info['operation'])
: $lng->txt($info['type']."_".$info['operation']);
if (substr($info['operation'], 0, 7) == "create_" &&
$objDefinition->isPlugin(substr($info['operation'], 7)))
{
$txt = ilPlugin::lookupTxt("rep_robj", substr($info['operation'], 7), $info['type']."_".$info['operation']);
}
$rbac_operations[$info['typ_id']][$info['ops_id']] = array(
"ops_id" => $info['ops_id'],
"title" => $info['operation'],
"name" => $txt);
}
return array($rbac_objects,$rbac_operations);
}

+ Here is the call graph for this function:

ilObjRole::_getAssignUsersStatus (   $a_role_id)

Definition at line 84 of file class.ilObjRole.php.

References $ilDB, $query, $res, and $row.

Referenced by ilRbacReview\getGlobalAssignableRoles(), ilObjUserFolderGUI\importUserRoleAssignmentObject(), ilSoapUserAdministration\importUsers(), ilObjUserFolderGUI\importUsersObject(), ilObjUserGUI\initCreate(), and ilSoapUserAdministration\isPermittedRole().

{
global $ilDB;
$query = "SELECT assign_users FROM role_data WHERE role_id = ".$ilDB->quote($a_role_id,'integer')." ";
$res = $ilDB->query($query);
while($row = $ilDB->fetchObject($res))
{
return $row->assign_users ? true : false;
}
return false;
}

+ Here is the caller graph for this function:

ilObjRole::_getAuthMode (   $a_role_id)

Definition at line 483 of file class.ilObjRole.php.

References $ilDB, $query, $res, and $row.

{
global $ilDB;
$query = "SELECT auth_mode FROM role_data ".
"WHERE role_id= ".$ilDB->quote($a_role_id,'integer')." ";
$res = $ilDB->query($query);
$row = $ilDB->fetchAssoc($res);
return $row['auth_mode'];
}
static ilObjRole::_getRolesByAuthMode (   $a_auth_mode)
static

Get roles by auth mode.

public

Parameters
stringauth mode

Definition at line 502 of file class.ilObjRole.php.

References $ilDB, $query, $res, and $row.

Referenced by ilRadiusSettings\read().

{
global $ilDB;
$query = "SELECT * FROM role_data ".
"WHERE auth_mode = ".$ilDB->quote($a_auth_mode,'text');
$res = $ilDB->query($query);
$roles = array();
while($row = $ilDB->fetchObject($res))
{
$roles[] = $row->role_id;
}
return $roles;
}

+ Here is the caller graph for this function:

ilObjRole::_getTranslation (   $a_role_title)

Definition at line 440 of file class.ilObjRole.php.

References ilObject\$lng, and ilPlugin\lookupTxt().

Referenced by ilCourseEditParticipantsTableGUI\__construct(), ilObjRoleGUI\adoptPermObject(), ilObjRoleFolderGUI\confirmDeleteObject(), ilObjectRolePermissionTableGUI\createTitle(), ilObjRoleGUI\editObject2(), ilObjectStatusGUI\getAssignedValidRoles(), ilObjCourse\getLocalCourseRoles(), ilObjGroup\getLocalGroupRoles(), ilObjiLincCourse\getLocalRoles(), ilObjiLincCourse\getMemberRolesTitle(), getPresentationTitle(), ilObjectStatusGUI\getRoleAssignmentInfo(), ilPermission2GUI\initRoleForm(), ilObjiLincCourseGUI\mailMembersObject(), ilObjGroupGUI\mailMembersObject(), ilObjCourseGUI\mailMembersObject(), ilRoleSelectionTableGUI\parse(), ilRoleTableGUI\parse(), ilObjRoleGUI\perm2Object(), ilObjRoleTemplateGUI\permObject(), ilObjUserGUI\roleassignmentObject(), ilPermissionGUI\showConfirmBlockRole(), and ilSoapRoleObjectXMLWriter\start().

{
global $lng;
$test_str = explode('_',$a_role_title);
// check for plugins
if(substr($a_role_title, 0, 4) == 'il_x')
{
include_once './Services/Component/classes/class.ilPlugin.php';
array_pop($test_str);
return ilPlugin::lookupTxt('rep_robj', $test_str[1], implode('_',$test_str));
}
if ($test_str[0] == 'il')
{
$test2 = (int) $test_str[3];
if ($test2 > 0)
{
unset($test_str[3]);
}
return $lng->txt(implode('_',$test_str));
}
return $a_role_title;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilObjRole::_lookupAllowRegister (   $a_role_id)

check whether role is allowed in user registration or not

Parameters
int$a_role_idrole id
Returns
boolean true if role is allowed in user registration

Definition at line 270 of file class.ilObjRole.php.

References $ilDB, $query, and $res.

Referenced by ilRegistrationSettingsGUI\editRoles(), and ilAccountRegistrationGUI\saveForm().

{
global $ilDB;
$query = "SELECT * FROM role_data ".
" WHERE role_id =".$ilDB->quote($a_role_id,'integer');
$res = $ilDB->query($query);
if ($role_rec = $ilDB->fetchAssoc($res))
{
if ($role_rec["allow_register"])
{
return true;
}
}
return false;
}

+ Here is the caller graph for this function:

ilObjRole::_lookupRegisterAllowed ( )

get all roles that are activated in user registration

public

Returns
array array of int: role ids

Definition at line 244 of file class.ilObjRole.php.

References $ilDB, $query, and $res.

Referenced by ilRegistrationSettingsGUI\__prepareAccessLimitationRoleList(), ilRegistrationSettingsGUI\__prepareRoleList(), ilShopUtils\_createRandomUserAccount(), ilUserProfile\addStandardFieldsToForm(), ilObjAuthSettingsGUI\authSettingsObject(), ilRegistrationSettingsGUI\editRoleAccessLimitations(), and ilRegistrationSettingsGUI\saveRoleAccessLimitations().

{
global $ilDB;
$query = "SELECT * FROM role_data ".
"JOIN object_data ON object_data.obj_id = role_data.role_id ".
"WHERE allow_register = 1";
$res = $ilDB->query($query);
$roles = array();
while($role = $ilDB->fetchAssoc($res))
{
$roles[] = array("id" => $role["obj_id"],
"title" => $role["title"],
"auth_mode" => $role['auth_mode']);
}
return $roles;
}

+ Here is the caller graph for this function:

static ilObjRole::_resetAuthMode (   $a_auth_mode)
static

Reset auth mode to default.

public

Parameters
stringauth mode

Definition at line 525 of file class.ilObjRole.php.

References $ilDB, $query, and $res.

Referenced by ilRadiusSettings\save().

{
global $ilDB;
$query = "UPDATE role_data SET auth_mode = 'default' WHERE auth_mode = ".$ilDB->quote($a_auth_mode,'text');
$res = $ilDB->manipulate($query);
}

+ Here is the caller graph for this function:

ilObjRole::_updateAuthMode (   $a_roles)

Definition at line 470 of file class.ilObjRole.php.

References $ilDB, $query, and $res.

Referenced by ilRadiusSettings\save(), and ilObjAuthSettingsGUI\updateAuthRolesObject().

{
global $ilDB;
foreach ($a_roles as $role_id => $auth_mode)
{
$query = "UPDATE role_data SET ".
"auth_mode= ".$ilDB->quote($auth_mode,'text')." ".
"WHERE role_id= ".$ilDB->quote($role_id,'integer')." ";
$res = $ilDB->manipulate($query);
}
}

+ Here is the caller graph for this function:

ilObjRole::adjustPermissions (   $a_mode,
  $a_nodes,
  $a_policies,
  $a_filter,
  $a_exclusion_filter = array() 
)
protected

Adjust permissions.

Parameters
int$a_mode
array$a_nodesarray of nodes
array$a_policiesarray of object ref ids
array$a_exclusion_filterof object types.
Returns

Definition at line 675 of file class.ilObjRole.php.

References ilRbacLog\add(), createPermissionIntersection(), ilRbacLog\diffFaPa(), ilRbacLog\EDIT_TEMPLATE_EXISTING, ilRbacLog\gatherFaPa(), ilObject\getId(), initOperationStack(), initPolicyStack(), ilRbacLog\isActive(), isHandledObjectType(), updateOperationStack(), and updatePolicyStack().

Referenced by changeExistingObjects().

{
global $rbacadmin, $rbacreview;
$operation_stack = array();
$policy_stack = array();
$left_stack = array();
$right_stack = array();
$start_node = current($a_nodes);
array_push($left_stack, $start_node['lft']);
array_push($right_stack, $start_node['rgt']);
$this->initPolicyStack($policy_stack, $start_node['child']);
$this->initOperationStack($operation_stack, $start_node['child']);
#$GLOBALS['ilLog']->write(__METHOD__.': '.print_r($policy_stack,true));
#$GLOBALS['ilLog']->write(__METHOD__.': '.print_r($operation_stack,true));
include_once "Services/AccessControl/classes/class.ilRbacLog.php";
$rbac_log_active = ilRbacLog::isActive();
$local_policy = false;
foreach($a_nodes as $node)
{
$lft = end($left_stack);
$rgt = end($right_stack);
#echo "----STACK---- ".$lft.' - '.$rgt.'<br/>';
while(($node['lft'] < $lft) or ($node['rgt'] > $rgt))
{
#echo "LEFT ".$node['child'].'<br>';
array_pop($operation_stack);
array_pop($policy_stack);
array_pop($left_stack);
array_pop($right_stack);
$lft = end($left_stack);
$rgt = end($right_stack);
$local_policy = false;
}
if($local_policy)
{
#echo "LOCAL ".$node['child'].' left:'.$node['lft'].' right: '.$node['rgt'].'<br>';
// Continue if inside of local policy
continue;
}
// Start node => set permissions and continue
if($node['child'] == $start_node['child'])
{
if($this->isHandledObjectType($a_filter,$a_exclusion_filter,$node['type']))
{
if($rbac_log_active)
{
$rbac_log_roles = $rbacreview->getParentRoleIds($node['child'], false);
$rbac_log_old = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
}
// Set permissions
$perms = end($operation_stack);
$rbacadmin->grantPermission(
$this->getId(),
(array) $perms[$node['type']],
$node['child']
);
if($rbac_log_active)
{
$rbac_log_new = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
$rbac_log = ilRbacLog::diffFaPa($rbac_log_old, $rbac_log_new);
}
}
continue;
}
// Node has local policies => update permission stack and continue
if(in_array($node['child'], $a_policies) and ($node['child'] != SYSTEM_FOLDER_ID))
{
#echo "POLICIES ".$node['child'].' left:'.$node['lft'].' right: '.$node['rgt'].'<br>';
$local_policy = true;
$this->updatePolicyStack($policy_stack, $node['child']);
$this->updateOperationStack($operation_stack, $node['child']);
array_push($left_stack,$node['lft']);
array_push($right_stack, $node['rgt']);
continue;
}
// Continue if this object type is in filter
if(!$this->isHandledObjectType($a_filter,$a_exclusion_filter,$node['type']))
{
continue;
}
if($rbac_log_active)
{
$rbac_log_roles = $rbacreview->getParentRoleIds($node['child'], false);
$rbac_log_old = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
}
#echo "MODE: ".$a_mode.'TYPE: '.$node['type'].'<br>';
// Node is course => create course permission intersection
if(($a_mode == self::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES or
$a_mode == self::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES) and ($node['type'] == 'crs'))
{
#echo "CRS ".$node['child'].'<br>';
// Copy role permission intersection
$perms = end($operation_stack);
$this->createPermissionIntersection($policy_stack,$perms['crs'],$node['child'],$node['type']);
if($this->updateOperationStack($operation_stack,$node['child']))
{
#echo "CRS SUCCESS ".$node['child'].'<br>';
$this->updatePolicyStack($policy_stack, $node['child']);
array_push($left_stack, $node['lft']);
array_push($right_stack, $node['rgt']);
}
}
// Node is group => create group permission intersection
if(($a_mode == self::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES or
$a_mode == self::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES) and ($node['type'] == 'grp'))
{
#echo "GRP ".$node['child'].'<br>';
// Copy role permission intersection
$perms = end($operation_stack);
$this->createPermissionIntersection($policy_stack,$perms['grp'],$node['child'],$node['type']);
if($this->updateOperationStack($operation_stack,$node['child']))
{
#echo "GRP SUCCESS ".$node['child'].'<br>';
$this->updatePolicyStack($policy_stack, $node['child']);
array_push($left_stack, $node['lft']);
array_push($right_stack, $node['rgt']);
}
}
#echo "GRANTED ".$node['child'].'<br>';
// Set permission
$perms = end($operation_stack);
$rbacadmin->grantPermission(
$this->getId(),
(array) $perms[$node['type']],
$node['child']
);
#var_dump("ALL INFO ",$this->getId(),$perms[$node['type']]);
if($rbac_log_active)
{
$rbac_log_new = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
$rbac_log = ilRbacLog::diffFaPa($rbac_log_old, $rbac_log_new);
}
}
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilObjRole::assignData (   $a_data)

loads a record "role" from array public

Parameters
arrayroledata

Definition at line 128 of file class.ilObjRole.php.

References setAllowRegister(), ilObject\setDescription(), setDiskQuota(), ilObject\setTitle(), ilUtil\stripSlashes(), and toggleAssignUsersStatus().

Referenced by read().

{
$this->setTitle(ilUtil::stripSlashes($a_data["title"]));
$this->setDescription(ilUtil::stripslashes($a_data["desc"]));
$this->setAllowRegister($a_data["allow_register"]);
$this->toggleAssignUsersStatus($a_data['assign_users']);
$this->setDiskQuota($a_data['disk_quota']);
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilObjRole::changeExistingObjects (   $a_start_node,
  $a_mode,
  $a_filter,
  $a_exclusion_filter = array() 
)

Change existing objects.

Parameters
int$a_start_node
int$a_mode
arrayfilter Filter of object types (array('all') => change all objects
Returns

Definition at line 601 of file class.ilObjRole.php.

References adjustPermissions(), deleteLocalPolicies(), and ilObject\getId().

{
global $tree,$rbacreview;
// Get node info of subtree
$nodes = $tree->getRbacSubtreeInfo($a_start_node);
// get local policies
$all_local_policies = $rbacreview->getObjectsWithStopedInheritance($this->getId());
// filter relevant roles
$local_policies = array();
foreach($all_local_policies as $lp)
{
if(isset($nodes[$lp]))
{
$local_policies[] = $lp;
}
}
// Delete deprecated policies
switch($a_mode)
{
case self::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES:
case self::MODE_PROTECTED_DELETE_LOCAL_POLICIES:
$local_policies = $this->deleteLocalPolicies($a_start_node,$local_policies,$a_filter);
#$local_policies = array($a_start_node == ROOT_FOLDER_ID ? SYSTEM_FOLDER_ID : $a_start_node);
break;
}
$this->adjustPermissions($a_mode,$nodes,$local_policies,$a_filter,$a_exclusion_filter);
#var_dump(memory_get_peak_usage());
#var_dump(memory_get_usage());
}

+ Here is the call graph for this function:

ilObjRole::create ( )

create

public

Returns
integer object id

Reimplemented from ilObject.

Definition at line 166 of file class.ilObjRole.php.

References ilObject\$id, $ilDB, $query, $res, getAllowRegister(), getAssignUsersStatus(), and getDiskQuota().

{
global $ilDB;
$this->id = parent::create();
$query = "INSERT INTO role_data ".
"(role_id,allow_register,assign_users,disk_quota) ".
"VALUES ".
"(".$ilDB->quote($this->id,'integer').",".
$ilDB->quote($this->getAllowRegister(),'integer').",".
$ilDB->quote($this->getAssignUsersStatus(),'integer').",".
$ilDB->quote($this->getDiskQuota(),'integer').")"
;
$res = $ilDB->query($query);
return $this->id;
}

+ Here is the call graph for this function:

ilObjRole::createPermissionIntersection (   $policy_stack,
  $a_current_ops,
  $a_id,
  $a_type 
)
protected

Create course group permission intersection.

Parameters
arrayoperation stack
int$a_id
string$a_type
Returns

Definition at line 975 of file class.ilObjRole.php.

References $ilDB, $query, $res, $row, ilObject\$type, ilObject\_lookupObjId(), DB_FETCHMODE_OBJECT, ilObject\getId(), GRP_TYPE_CLOSED, GRP_TYPE_OPEN, and ilObjGroup\lookupGroupTye().

Referenced by adjustPermissions().

{
global $ilDB, $rbacreview,$rbacadmin;
static $course_non_member_id = null;
static $group_non_member_id = null;
static $group_open_id = null;
static $group_closed_id = null;
// Get template id
switch($a_type)
{
case 'grp':
include_once './Modules/Group/classes/class.ilObjGroup.php';
#var_dump("GROUP TYPE",$type);
switch($type)
{
if(!$group_closed_id)
{
$query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_grp_status_closed'";
$res = $ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$group_closed_id = $row->obj_id;
}
}
$template_id = $group_closed_id;
#var_dump("GROUP CLOSED id:" . $template_id);
break;
default:
if(!$group_open_id)
{
$query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_grp_status_open'";
$res = $ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$group_open_id = $row->obj_id;
}
}
$template_id = $group_open_id;
#var_dump("GROUP OPEN id:" . $template_id);
break;
}
break;
case 'crs':
if(!$course_non_member_id)
{
$query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_crs_non_member'";
$res = $ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$course_non_member_id = $row->obj_id;
}
}
$template_id = $course_non_member_id;
break;
}
$current_ops = $a_current_ops[$a_type];
// Create intersection template permissions
if($template_id)
{
$rolf = $rbacreview->getRoleFolderIdOfObject($a_id);
$rbacadmin->copyRolePermissionIntersection(
$template_id, ROLE_FOLDER_ID,
$this->getId(), end($policy_stack),
$rolf,$this->getId()
);
}
else
{
#echo "No template id for ".$a_id.' of type'.$a_type.'<br>';
}
#echo "ROLE ASSIGN: ".$rolf.' AID'.$a_id;
if($rolf)
{
$rbacadmin->assignRoleToFolder($this->getId(),$rolf,"n");
}
return true;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilObjRole::delete ( )

delete role and all related data

public

Returns
boolean true if all object data were removed; false if only a references were removed

Reimplemented from ilObject.

Definition at line 318 of file class.ilObjRole.php.

References $GLOBALS, $ilDB, $query, $res, ilLDAPRoleGroupMappingSettings\_deleteByRole(), ilObject\_exists(), ilObject\getId(), and getParent().

{
global $rbacadmin, $rbacreview,$ilDB;
$role_folders = $rbacreview->getFoldersAssignedToRole($this->getId());
// Temporary bugfix
if($rbacreview->hasMultipleAssignments($this->getId()))
{
$GLOBALS['ilLog']->write(__METHOD__.': Found role with multiple assignments: '.$this->getId());
return false;
}
if ($rbacreview->isAssignable($this->getId(),$this->getParent()))
{
// do not delete a global role, if the role is the last
// role a user is assigned to.
//
// Performance improvement: In the code section below, we
// only need to consider _global_ roles. We don't need
// to check for _local_ roles, because a user who has
// a local role _always_ has a global role too.
$last_role_user_ids = array();
if ($this->getParent() == ROLE_FOLDER_ID)
{
// The role is a global role: check if
// we find users who aren't assigned to any
// other global role than this one.
$user_ids = $rbacreview->assignedUsers($this->getId());
foreach ($user_ids as $user_id)
{
// get all roles each user has
$role_ids = $rbacreview->assignedRoles($user_id);
// is last role?
if (count($role_ids) == 1)
{
$last_role_user_ids[] = $user_id;
}
}
}
// users with last role found?
if (count($last_role_user_ids) > 0)
{
foreach ($last_role_user_ids as $user_id)
{
//echo "<br>last role for user id:".$user_id.":";
// GET OBJECT TITLE
$tmp_obj = $this->ilias->obj_factory->getInstanceByObjId($user_id);
$user_names[] = $tmp_obj->getFullname();
unset($tmp_obj);
}
// TODO: This check must be done in rolefolder object because if multiple
// roles were selected the other roles are still deleted and the system does not
// give any feedback about this.
$users = implode(', ',$user_names);
$this->ilias->raiseError($this->lng->txt("msg_user_last_role1")." ".
$users."<br/>".$this->lng->txt("msg_user_last_role2"),$this->ilias->error_obj->WARNING);
}
else
{
// IT'S A BASE ROLE
$rbacadmin->deleteRole($this->getId(),$this->getParent());
// Delete ldap role group mappings
include_once('./Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php');
// delete object_data entry
// delete role_data entry
$query = "DELETE FROM role_data WHERE role_id = ".$ilDB->quote($this->getId(),'integer');
$res = $ilDB->manipulate($query);
include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
$role_desk_item_obj = new ilRoleDesktopItem($this->getId());
$role_desk_item_obj->deleteAll();
}
}
else
{
// linked local role: INHERITANCE WAS STOPPED, SO DELETE ONLY THIS LOCAL ROLE
$rbacadmin->deleteLocalRole($this->getId(),$this->getParent());
}
// purge empty rolefolders
//
// Performance improvement: We filter out all role folders
// which still contain roles, _before_ we attempt to purge them.
// This is faster than attempting to purge all role folders,
// and let function purge() of the role folder find out, if
// purging is possible.
$non_empty_role_folders = $rbacreview->filterEmptyRoleFolders($role_folders);
$role_folders = array_diff($role_folders,$non_empty_role_folders);
// Attempt to purge the role folders
foreach ($role_folders as $rolf)
{
if (ilObject::_exists($rolf,true))
{
$rolfObj = $this->ilias->obj_factory->getInstanceByRefId($rolf);
$rolfObj->purge();
unset($rolfObj);
}
}
return true;
}

+ Here is the call graph for this function:

ilObjRole::deleteLocalPolicies (   $a_start,
  $a_policies,
  $a_filter 
)
protected

Delete local policies.

Parameters
array$a_policiesarray of object ref ids that define local policies
Returns

Definition at line 641 of file class.ilObjRole.php.

References ilObject\_lookupObjId(), ilObject\_lookupType(), and ilObject\getId().

Referenced by changeExistingObjects().

{
global $rbacreview,$rbacadmin;
$local_policies = array();
foreach($a_policies as $policy)
{
if($policy == $a_start or $policy == SYSTEM_FOLDER_ID)
{
$local_policies[] = $policy;
continue;
}
if(!in_array('all',$a_filter) and !in_array(ilObject::_lookupType(ilObject::_lookupObjId($policy)),$a_filter))
{
$local_policies[] = $policy;
continue;
}
if($rolf = $rbacreview->getRoleFolderIdOfObject($policy))
{
$rbacadmin->deleteLocalRole($this->getId(),$rolf);
}
}
return $local_policies;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilObjRole::getAllowRegister ( )

get allow_register

public

Returns
integer

Definition at line 207 of file class.ilObjRole.php.

Referenced by create(), and ilObjRoleGUI\readRoleProperties().

{
return $this->allow_register ? $this->allow_register : false;
}

+ Here is the caller graph for this function:

ilObjRole::getAssignUsersStatus ( )

Definition at line 79 of file class.ilObjRole.php.

Referenced by create(), ilObjRoleGUI\readRoleProperties(), and update().

{
return $this->assign_users ? $this->assign_users : 0;
}

+ Here is the caller graph for this function:

ilObjRole::getCountMembers ( )

Definition at line 433 of file class.ilObjRole.php.

{
global $rbacreview;
return count($rbacreview->assignedUsers($this->getId()));
}
ilObjRole::getDiskQuota ( )

Gets the minimal disk quota imposed by this role.

Returns the minimal disk quota in bytes. The default value is 0.

public

Returns
integer

Definition at line 234 of file class.ilObjRole.php.

References $disk_quota.

Referenced by create(), ilObjRoleGUI\readRoleProperties(), and update().

{
}

+ Here is the caller graph for this function:

ilObjRole::getParent ( )

get reference id of parent object

public

Returns
integer ref_id of parent object

Definition at line 306 of file class.ilObjRole.php.

References $parent.

Referenced by delete().

{
return $this->parent;
}

+ Here is the caller graph for this function:

ilObjRole::getPresentationTitle ( )

return translated title for autogenerated roles

Returns

Reimplemented from ilObject.

Definition at line 70 of file class.ilObjRole.php.

References _getTranslation(), and ilObject\getTitle().

{
}

+ Here is the call graph for this function:

ilObjRole::ilObjRole (   $a_id = 0,
  $a_call_by_reference = false 
)

Constructor public.

Parameters
integerreference_id or object_id
booleantreat the id as reference_id (true) or object_id (false)

Definition at line 43 of file class.ilObjRole.php.

References ilObject\ilObject().

{
$this->type = "role";
$this->disk_quota = 0;
$this->ilObject($a_id,$a_call_by_reference);
}

+ Here is the call graph for this function:

ilObjRole::initOperationStack ( $a_stack,
  $a_node 
)
protected

Init operation stack $rbacreview.

Parameters
array$a_stack
<type>$a_node
Returns
<type>

Definition at line 892 of file class.ilObjRole.php.

References ilObject\getId().

Referenced by adjustPermissions().

{
global $rbacreview;
if($a_node == ROOT_FOLDER_ID)
{
$rolf = ROLE_FOLDER_ID;
}
else
{
$roles = $rbacreview->getParentRoleIds($a_node,false,true);
$rolf = $roles[$this->getId()]['parent'];
}
if(!$rolf)
{
return false;
}
$a_stack[] = $rbacreview->getAllOperationsOfRole(
$this->getId(),
$rolf
);
return true;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilObjRole::initPolicyStack ( $a_stack,
  $a_node 
)
protected

Init policy stack <type> $rbacreview.

Parameters
array$a_stack
<type>$a_node

Definition at line 950 of file class.ilObjRole.php.

References $GLOBALS, and ilObject\getId().

Referenced by adjustPermissions().

{
global $rbacreview;
if($a_node == ROOT_FOLDER_ID)
{
$rolf = ROLE_FOLDER_ID;
}
else
{
$roles = $rbacreview->getParentRoleIds($a_node,false,true);
$GLOBALS['ilLog']->write(__METHOD__.': '.print_r($roles,true));
$rolf = $roles[$this->getId()]['parent'];
}
$a_stack[] = $rolf;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilObjRole::isAutoGenerated (   $a_role_id)
static

Definition at line 589 of file class.ilObjRole.php.

References ilObject\_lookupTitle().

Referenced by ilObjRoleGUI\initFormRoleProperties().

{
return substr(ilObject::_lookupTitle($a_role_id), 0, 3) == 'il_';
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilObjRole::isDeletable (   $a_role_folder_id)

Check whether a role is deletable (non autogenereated role and defined) at this position Does not perform permission checks.

Returns
bool

Definition at line 572 of file class.ilObjRole.php.

References ilObject\getTitle().

{
global $rbacreview;
if(!$rbacreview->isAssignable($this->getId(), $a_role_folder_id))
{
return false;
}
if(substr($this->getTitle(),0,3) == 'il_')
{
return false;
}
return true;
}

+ Here is the call graph for this function:

ilObjRole::isHandledObjectType (   $a_filter,
  $a_exclusion_filter,
  $a_type 
)
protected

Check if type is filterer.

Parameters
array$a_filter
string$a_type
Returns

Definition at line 840 of file class.ilObjRole.php.

Referenced by adjustPermissions().

{
if(in_array($a_type,$a_exclusion_filter))
{
return false;
}
if(in_array('all',$a_filter))
{
return true;
}
return in_array($a_type,$a_filter);
}

+ Here is the caller graph for this function:

ilObjRole::read ( )

loads "role" from database private

Definition at line 101 of file class.ilObjRole.php.

References $data, $ilDB, $query, $res, and assignData().

Referenced by update().

{
global $ilDB;
$query = "SELECT * FROM role_data WHERE role_id= ".$ilDB->quote($this->id,'integer')." ";
$res = $ilDB->query($query);
if ($res->numRows() > 0)
{
$data = $ilDB->fetchAssoc($res);
// fill member vars in one shot
$this->assignData($data);
}
else
{
$this->ilias->raiseError("<b>Error: There is no dataset with id ".$this->id."!</b><br />class: ".get_class($this)."<br />Script: ".__FILE__."<br />Line: ".__LINE__, $this->ilias->FATAL);
}
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilObjRole::setAllowRegister (   $a_allow_register)

set allow_register of role

public

Parameters
integer

Definition at line 191 of file class.ilObjRole.php.

Referenced by assignData(), and ilObjRoleGUI\loadRoleProperties().

{
if (empty($a_allow_register))
{
$a_allow_register == 0;
}
$this->allow_register = (int) $a_allow_register;
}

+ Here is the caller graph for this function:

ilObjRole::setDiskQuota (   $a_disk_quota)

Sets the minimal disk quota imposed by this role.

The minimal disk quota is specified in bytes.

@access     public
@param      integer 

Definition at line 220 of file class.ilObjRole.php.

Referenced by assignData(), and ilObjRoleGUI\loadRoleProperties().

{
$this->disk_quota = $a_disk_quota;
}

+ Here is the caller graph for this function:

ilObjRole::setParent (   $a_parent_ref)

set reference id of parent object this is neccessary for non RBAC protected objects!!!

public

Parameters
integerref_id of parent object

Definition at line 295 of file class.ilObjRole.php.

{
$this->parent = $a_parent_ref;
}
ilObjRole::toggleAssignUsersStatus (   $a_assign_users)

Definition at line 75 of file class.ilObjRole.php.

Referenced by assignData(), and ilObjRoleGUI\loadRoleProperties().

{
$this->assign_users = (int) $a_assign_users;
}

+ Here is the caller graph for this function:

ilObjRole::update ( )

updates a record "role" and write it into database public

Reimplemented from ilObject.

Definition at line 141 of file class.ilObjRole.php.

References $ilDB, $query, $res, getAssignUsersStatus(), getDiskQuota(), and read().

{
global $ilDB;
$query = "UPDATE role_data SET ".
"allow_register= ".$ilDB->quote($this->allow_register,'integer').", ".
"assign_users = ".$ilDB->quote($this->getAssignUsersStatus(),'integer').", ".
"disk_quota = ".$ilDB->quote($this->getDiskQuota(),'integer')." ".
"WHERE role_id= ".$ilDB->quote($this->id,'integer')." ";
$res = $ilDB->manipulate($query);
$this->read();
return true;
}

+ Here is the call graph for this function:

ilObjRole::updateOperationStack ( $a_stack,
  $a_node 
)
protected

Update operation stack.

Parameters
array$a_stack
int$a_node
Returns

Definition at line 860 of file class.ilObjRole.php.

References ilObject\getId().

Referenced by adjustPermissions().

{
global $rbacreview;
if($a_node == ROOT_FOLDER_ID)
{
$rolf = ROLE_FOLDER_ID;
}
else
{
$rolf = $rbacreview->getRoleFolderIdOfObject($a_node);
}
if(!$rolf)
{
return false;
}
$a_stack[] = $rbacreview->getAllOperationsOfRole(
$this->getId(),
$rolf
);
return true;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilObjRole::updatePolicyStack ( $a_stack,
  $a_node 
)
protected

Update policy stack.

Parameters
object$a_node
Returns

Definition at line 922 of file class.ilObjRole.php.

Referenced by adjustPermissions().

{
global $rbacreview;
if($a_node == ROOT_FOLDER_ID)
{
$rolf = ROLE_FOLDER_ID;
}
else
{
$rolf = $rbacreview->getRoleFolderIdOfObject($a_node);
}
if(!$rolf)
{
return false;
}
$a_stack[] = $rolf;
return true;
}

+ Here is the caller graph for this function:

ilObjRole::validate ( )

Validate role data.

Returns
bool

Definition at line 54 of file class.ilObjRole.php.

References $ilErr, and ilObject\getTitle().

{
global $ilErr;
if(substr($this->getTitle(),0,3) == 'il_')
{
$ilErr->setMessage('msg_role_reserved_prefix');
return false;
}
return true;
}

+ Here is the call graph for this function:

Field Documentation

ilObjRole::$allow_register

Definition at line 31 of file class.ilObjRole.php.

ilObjRole::$assign_users

Definition at line 32 of file class.ilObjRole.php.

ilObjRole::$disk_quota

The disk quota in bytes.

Definition at line 35 of file class.ilObjRole.php.

Referenced by getDiskQuota().

ilObjRole::$parent

Definition at line 29 of file class.ilObjRole.php.

Referenced by getParent().

const ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES = 2
const ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES = 4

The documentation for this class was generated from the following file: