ILIAS  Release_4_4_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
Public Member Functions | Static Public Member Functions | Protected Member Functions | Protected Attributes
ilPermissionGUI Class Reference
Services/AccessControl

New PermissionGUI (extends from old ilPermission2GUI) RBAC related output. More...

+ Inheritance diagram for ilPermissionGUI:
+ Collaboration diagram for ilPermissionGUI:

Public Member Functions

 __construct ($a_gui_obj)
 Constructor.
 executeCommand ()
 Execute command.
 getCurrentObject ()
 Get current object.
 perm (ilTable2GUI $table=NULL)
 show permission table
 applyRoleFilter ($a_roles, $a_filter_id)
 Apply filter to roles.
- Public Member Functions inherited from ilPermission2GUI
 permSave ()
 save permissions
 addRole ()
 adds a local role This method is only called when choose the option 'you may add local roles'.
__initTableGUI ()
 __setTableGUIBasicData (&$tbl, &$result_set, $a_from="")
 standard implementation for tables use 'from' variable use different initial setting of table
 __buildRoleFilterSelect ()
 __filterRoles ($a_roles, $a_filter)
 owner ()
 changeOwner ()
 info ()
 __initSubTabs ($a_cmd)
 getRolesData ()
 __showPermissionsGeneralSection ()
 __showPermissionsObjectSection ()
 __showPermissionsRBACSection ()
 __showPermissionsCreateSection ()
 log ()
 applyLogFilter ()
 resetLogFilter ()

Static Public Member Functions

static hasContainerCommands ($a_type)
 Check if container commands are possible for the current object type.

Protected Member Functions

 confirmTemplateSwitch ()
 Called after toolbar action applyTemplateSwitch.
 isAdminRoleFolder ()
 Check of current location is administration (main) role folder.
 isAdministrationObject ()
 isInAdministration ()
 Check if node is subobject of administration folder.
 applyFilter ()
 Apply filter.
 resetFilter ()
 Reset filter.
 savePermissions ()
 Save permissions.
 showConfirmBlockRole ($a_roles)
 Show block role confirmation screen.
 blockRoles ()
 Block role.
 initRoleFolder ($a_create=false)
 Init role folder of object.
 displayImportRoleForm (ilPropertyFormGUI $form=null)
 Show import form.
 doImportRole ()
 Perform import.
 initImportForm ()
 init import form
 initRoleForm ()
 Shoew add role type $rbacreview type $objDefinition.
 displayAddRoleForm ()
 Show add role form.

Protected Attributes

 $current_obj = null
- Protected Attributes inherited from ilPermission2GUI
 $gui_obj = null
 $ilErr = null
 $ctrl = null
 $lng = null

Detailed Description

New PermissionGUI (extends from old ilPermission2GUI) RBAC related output.

Author
Stefan Meyer smeye.nosp@m.r.il.nosp@m.ias@g.nosp@m.mx.d.nosp@m.e
Sascha Hofmann sasch.nosp@m.ahof.nosp@m.mann@.nosp@m.gmx..nosp@m.de
Version
$Id$

ilPermissionGUI: ilObjRoleGUI, ilRepositorySearchGUI

Definition at line 19 of file class.ilPermissionGUI.php.

Constructor & Destructor Documentation

ilPermissionGUI::__construct (   $a_gui_obj)

Constructor.

Parameters
object$a_gui_obj
Returns

Reimplemented from ilPermission2GUI.

Definition at line 28 of file class.ilPermissionGUI.php.

{
parent::__construct($a_gui_obj);
}

Member Function Documentation

ilPermissionGUI::applyFilter ( )
protected

Apply filter.

Returns

Definition at line 178 of file class.ilPermissionGUI.php.

References getCurrentObject(), and perm().

{
include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
$table = new ilObjectRolePermissionTableGUI($this,'perm',$this->getCurrentObject()->getRefId());
$table->resetOffset();
$table->writeFilterToSession();
return $this->perm($table);
}

+ Here is the call graph for this function:

ilPermissionGUI::applyRoleFilter (   $a_roles,
  $a_filter_id 
)

Apply filter to roles.

Parameters
int$a_filter_id
Returns

Definition at line 206 of file class.ilPermissionGUI.php.

References ilObjectRolePermissionTableGUI\ROLE_FILTER_ALL, ilObjectRolePermissionTableGUI\ROLE_FILTER_GLOBAL, ilObjectRolePermissionTableGUI\ROLE_FILTER_LOCAL, ilObjectRolePermissionTableGUI\ROLE_FILTER_LOCAL_OBJECT, and ilObjectRolePermissionTableGUI\ROLE_FILTER_LOCAL_POLICY.

Referenced by savePermissions().

{
global $rbacreview;
// Always delete administrator role from view
if(isset($a_roles[SYSTEM_ROLE_ID]))
{
unset($a_roles[SYSTEM_ROLE_ID]);
}
switch ($a_filter_id)
{
// all roles in context
case ilObjectRolePermissionTableGUI::ROLE_FILTER_ALL:
return $a_roles;
// only global roles
case ilObjectRolePermissionTableGUI::ROLE_FILTER_GLOBAL:
$arr_global_roles = $rbacreview->getGlobalRoles();
$arr_remove_roles = array_diff(array_keys($a_roles),$arr_global_roles);
foreach ($arr_remove_roles as $role_id)
{
unset($a_roles[$role_id]);
}
return $a_roles;
// only local roles (all local roles in context that are not defined at ROLE_FOLDER_ID)
case ilObjectRolePermissionTableGUI::ROLE_FILTER_LOCAL:
$arr_global_roles = $rbacreview->getGlobalRoles();
foreach ($arr_global_roles as $role_id)
{
unset($a_roles[$role_id]);
}
return $a_roles;
break;
// only roles which use a local policy
case ilObjectRolePermissionTableGUI::ROLE_FILTER_LOCAL_POLICY:
$role_folder = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
if (!$role_folder)
{
return array();
}
$arr_local_roles = $rbacreview->getRolesOfRoleFolder($role_folder["ref_id"]);
$arr_remove_roles = array_diff(array_keys($a_roles),$arr_local_roles);
foreach ($arr_remove_roles as $role_id)
{
unset($a_roles[$role_id]);
}
return $a_roles;
// only true local role defined at current position
case ilObjectRolePermissionTableGUI::ROLE_FILTER_LOCAL_OBJECT:
$role_folder = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
if (!$role_folder)
{
return array();
}
$arr_local_roles = $rbacreview->getRolesOfRoleFolder($role_folder["ref_id"],false);
$arr_remove_roles = array_diff(array_keys($a_roles),$arr_local_roles);
foreach ($arr_remove_roles as $role_id)
{
unset($a_roles[$role_id]);
}
return $a_roles;
default:
return $a_roles;
}
}

+ Here is the caller graph for this function:

ilPermissionGUI::blockRoles ( )
protected

Block role.

Returns

Definition at line 474 of file class.ilPermissionGUI.php.

References $_POST, getCurrentObject(), and ilUtil\sendInfo().

{
global $rbacadmin,$rbacreview;
$rolf = $rbacreview->getRoleFolderIdOfObject($this->getCurrentObject()->getRefId());
$p_roles = $rbacreview->getParentRoleIds($this->getCurrentObject()->getRefId());
$roles = $_POST['roles'];
foreach($roles as $role)
{
// Set assign to 'y' only if it is a local role
$assign = $rbacreview->isAssignable($role, $rolf) ? 'y' : 'n';
// Delete permissions
$rbacadmin->revokeSubtreePermissions($this->getCurrentObject()->getRefId(), $role);
// Delete template permissions
$rbacadmin->deleteSubtreeTemplates($this->getCurrentObject()->getRefId(), $role);
$rbacadmin->assignRoleToFolder(
$role,
$rolf,
$assign
);
}
ilUtil::sendInfo($this->lng->txt('settings_saved'));
$this->ctrl->redirect($this,'perm');
}

+ Here is the call graph for this function:

ilPermissionGUI::confirmTemplateSwitch ( )
protected

Called after toolbar action applyTemplateSwitch.

Definition at line 95 of file class.ilPermissionGUI.php.

{
include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
$this->ctrl->setReturn($this,'perm');
$this->ctrl->setCmdClass('ildidactictemplategui');
$dtpl_gui = new ilDidacticTemplateGUI($this->gui_obj);
$this->ctrl->forwardCommand($dtpl_gui,'confirmTemplateSwitch');
}
ilPermissionGUI::displayAddRoleForm ( )
protected

Show add role form.

Definition at line 717 of file class.ilPermissionGUI.php.

References $GLOBALS, and initRoleForm().

{
$GLOBALS['ilTabs']->clearTargets();
$form = $this->initRoleForm();
$this->tpl->setContent($form->getHTML());
}

+ Here is the call graph for this function:

ilPermissionGUI::displayImportRoleForm ( ilPropertyFormGUI  $form = null)
protected

Show import form.

Parameters
ilPropertyFormGUI$form

Definition at line 541 of file class.ilPermissionGUI.php.

References $GLOBALS, and initImportForm().

Referenced by doImportRole().

{
$GLOBALS['ilTabs']->clearTargets();
if(!$form)
{
$form = $this->initImportForm();
}
$GLOBALS['tpl']->setContent($form->getHTML());
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilPermissionGUI::doImportRole ( )
protected

Perform import.

Definition at line 555 of file class.ilPermissionGUI.php.

References $GLOBALS, displayImportRoleForm(), getCurrentObject(), initImportForm(), isAdminRoleFolder(), ilUtil\sendFailure(), and ilUtil\sendSuccess().

{
global $rbacreview;
$form = $this->initImportForm();
if($form->checkInput())
{
try {
include_once './Services/Export/classes/class.ilImport.php';
// For global roles set import id to parent of current ref_id (adm)
if($this->isAdminRoleFolder())
{
$parent_ref = $GLOBALS['tree']->getParentId($this->getCurrentObject()->getRefId());
}
else
{
$parent_ref = $this->getCurrentObject()->getRefId();
}
$imp = new ilImport($parent_ref);
$imp->getMapping()->addMapping(
'Services/AccessControl',
'rolf',
0,
$rbacreview->getRoleFolderIdOfObject($parent_ref)
);
$imp->importObject(
null,
$_FILES["importfile"]["tmp_name"],
$_FILES["importfile"]["name"],
'role'
);
ilUtil::sendSuccess($this->lng->txt('rbac_role_imported'),true);
$this->ctrl->redirect($this,'perm');
return;
}
catch(Exception $e)
{
ilUtil::sendFailure($e->getMessage());
$form->setValuesByPost();
$this->displayImportRoleForm($form);
return;
}
}
$form->setValuesByPost();
ilUtil::sendFailure($this->lng->txt('err_check_input'));
$this->displayImportRoleForm($form);
}

+ Here is the call graph for this function:

ilPermissionGUI::executeCommand ( )

Execute command.

Returns

Definition at line 37 of file class.ilPermissionGUI.php.

References $_GET, $cmd, ilPermission2GUI\$ilErr, and $ret.

{
global $rbacsystem, $ilErr;
// access to all functions in this class are only allowed if edit_permission is granted
if (!$rbacsystem->checkAccess("edit_permission",$this->gui_obj->object->getRefId()))
{
$ilErr->raiseError($this->lng->txt("permission_denied"),$ilErr->MESSAGE);
}
$next_class = $this->ctrl->getNextClass($this);
switch($next_class)
{
case "ilobjrolegui":
$this->ctrl->setReturn($this,'perm');
include_once("Services/AccessControl/classes/class.ilObjRoleGUI.php");
$this->gui_obj = new ilObjRoleGUI("",(int) $_GET["obj_id"], false, false);
$this->gui_obj->setBackTarget($this->lng->txt("perm_settings"),$this->ctrl->getLinkTarget($this, "perm"));
$ret = $this->ctrl->forwardCommand($this->gui_obj);
break;
case 'ildidactictemplategui':
$this->ctrl->setReturn($this,'perm');
include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
$did = new ilDidacticTemplateGUI($this->gui_obj);
$this->ctrl->forwardCommand($did);
break;
case 'ilrepositorysearchgui':
// used for owner autocomplete
include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
$rep_search = new ilRepositorySearchGUI();
$this->ctrl->forwardCommand($rep_search);
break;
default:
$cmd = $this->ctrl->getCmd();
$this->$cmd();
break;
}
return true;
}
ilPermissionGUI::getCurrentObject ( )

Get current object.

Returns
ilObject

Definition at line 87 of file class.ilPermissionGUI.php.

Referenced by applyFilter(), blockRoles(), doImportRole(), initRoleFolder(), isAdministrationObject(), isAdminRoleFolder(), isInAdministration(), perm(), resetFilter(), and savePermissions().

{
return $this->gui_obj->object;
}

+ Here is the caller graph for this function:

static ilPermissionGUI::hasContainerCommands (   $a_type)
static

Check if container commands are possible for the current object type.

Parameters
object$a_type
Returns

Definition at line 530 of file class.ilPermissionGUI.php.

Referenced by ilObjectRolePermissionTableGUI\parse(), and savePermissions().

{
global $objDefinition;
return $objDefinition->isContainer($a_type) and $a_type != 'root' and $a_type != 'adm' and $a_type != 'rolf';
}

+ Here is the caller graph for this function:

ilPermissionGUI::initImportForm ( )
protected

init import form

Definition at line 610 of file class.ilPermissionGUI.php.

References ilFileInputGUI\setSuffixes().

Referenced by displayImportRoleForm(), and doImportRole().

{
include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
$form = new ilPropertyFormGUI();
$form->setFormAction($this->ctrl->getFormAction($this));
$form->setTitle($this->lng->txt('rbac_import_role'));
$form->addCommandButton('doImportRole', $this->lng->txt('import'));
$form->addCommandButton('perm', $this->lng->txt('cancel'));
$zip = new ilFileInputGUI($this->lng->txt('import_file'),'importfile');
$zip->setSuffixes(array('zip'));
$form->addItem($zip);
return $form;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilPermissionGUI::initRoleFolder (   $a_create = false)
protected

Init role folder of object.

Parameters
object$a_create[optional]
Returns

Definition at line 511 of file class.ilPermissionGUI.php.

References getCurrentObject().

Referenced by savePermissions().

{
global $rbacreview;
$rolf_id = $rbacreview->getRoleFolderIdOfObject($this->getCurrentObject()->getRefId());
if($rolf_id)
{
return $rolf_id;
}
$rolf = $this->getCurrentObject()->createRoleFolder();
return $rolf->getRefId();
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilPermissionGUI::initRoleForm ( )
protected

Shoew add role type $rbacreview type $objDefinition.

Returns
ilPropertyFormGUI

Definition at line 632 of file class.ilPermissionGUI.php.

References ilObjRole\_getTranslation(), ilUtil\_sortIds(), isInAdministration(), ilTextAreaInputGUI\setCols(), ilFormPropertyGUI\setInfo(), ilTextInputGUI\setValidationRegexp(), and ilUtil\sortArray().

Referenced by displayAddRoleForm().

{
global $rbacreview,$objDefinition;
include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
$form = new ilPropertyFormGUI();
$form->setFormAction($this->ctrl->getFormAction($this));
$form->setTitle($this->lng->txt('role_new'));
$form->addCommandButton('addrole',$this->lng->txt('role_new'));
$form->addCommandButton('perm', $this->lng->txt('cancel'));
$title = new ilTextInputGUI($this->lng->txt('title'),'title');
$title->setValidationRegexp('/^(?!il_).*$/');
$title->setValidationFailureMessage($this->lng->txt('msg_role_reserved_prefix'));
$title->setSize(40);
$title->setMaxLength(70);
$title->setRequired(true);
$form->addItem($title);
$desc = new ilTextAreaInputGUI($this->lng->txt('description'),'desc');
$desc->setCols(40);
$desc->setRows(3);
$form->addItem($desc);
$pro = new ilCheckboxInputGUI($this->lng->txt('role_protect_permissions'),'pro');
$pro->setInfo($this->lng->txt('role_protect_permissions_desc'));
$pro->setValue(1);
$form->addItem($pro);
$pd = new ilCheckboxInputGUI($this->lng->txt('rbac_role_add_to_desktop'),'desktop');
$pd->setInfo($this->lng->txt('rbac_role_add_to_desktop_info'));
$pd->setValue(1);
$form->addItem($pd);
if(!$this->isInAdministration())
{
$rights = new ilRadioGroupInputGUI($this->lng->txt("rbac_role_rights_copy"), 'rights');
$option = new ilRadioOption($this->lng->txt("rbac_role_rights_copy_empty"), 0);
$rights->addOption($option);
$parent_role_ids = $rbacreview->getParentRoleIds($this->gui_obj->object->getRefId(),true);
$ids = array();
foreach($parent_role_ids as $id => $tmp)
{
$ids[] = $id;
}
// Sort ids
$sorted_ids = ilUtil::_sortIds($ids,'object_data','type DESC,title','obj_id');
// Sort roles by title
$sorted_roles = ilUtil::sortArray(array_values($parent_role_ids), 'title', ASC);
$key = 0;
foreach($sorted_ids as $id)
{
$par = $parent_role_ids[$id];
if ($par["obj_id"] != SYSTEM_ROLE_ID)
{
include_once './Services/AccessControl/classes/class.ilObjRole.php';
$option = new ilRadioOption(($par["type"] == 'role' ? $this->lng->txt('obj_role') : $this->lng->txt('obj_rolt')).": ".ilObjRole::_getTranslation($par["title"]), $par["obj_id"]);
$option->setInfo($par["desc"]);
$rights->addOption($option);
}
$key++;
}
$form->addItem($rights);
}
// Local policy only for containers
if($objDefinition->isContainer($this->getCurrentObject()->getType()))
{
$check = new ilCheckboxInputGui($this->lng->txt("rbac_role_rights_copy_change_existing"), 'existing');
$check->setInfo($this->lng->txt('rbac_change_existing_objects_desc_new_role'));
$form->addItem($check);
}
return $form;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilPermissionGUI::isAdministrationObject ( )
protected

Definition at line 159 of file class.ilPermissionGUI.php.

References getCurrentObject().

Referenced by perm().

{
return $this->getCurrentObject()->getType() == 'adm';
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilPermissionGUI::isAdminRoleFolder ( )
protected

Check of current location is administration (main) role folder.

Returns

Definition at line 154 of file class.ilPermissionGUI.php.

References getCurrentObject().

Referenced by doImportRole(), and perm().

{
return $this->getCurrentObject()->getRefId() == ROLE_FOLDER_ID;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilPermissionGUI::isInAdministration ( )
protected

Check if node is subobject of administration folder.

Returns
type

Definition at line 168 of file class.ilPermissionGUI.php.

References $GLOBALS, and getCurrentObject().

Referenced by initRoleForm().

{
return (bool) $GLOBALS['tree']->isGrandChild(SYSTEM_FOLDER_ID,$this->getCurrentObject()->getRefId());
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilPermissionGUI::perm ( ilTable2GUI  $table = NULL)

show permission table

Returns

Definition at line 109 of file class.ilPermissionGUI.php.

References ilPermission2GUI\__initSubTabs(), getCurrentObject(), isAdministrationObject(), and isAdminRoleFolder().

Referenced by applyFilter(), resetFilter(), and savePermissions().

{
global $objDefinition, $ilToolbar;
include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
$dtpl = new ilDidacticTemplateGUI($this->gui_obj);
if($dtpl->appendToolbarSwitch(
$ilToolbar,
$this->getCurrentObject()->getType(),
$this->getCurrentObject()->getRefId()
))
{
$ilToolbar->addSeparator();
}
if($objDefinition->hasLocalRoles($this->getCurrentObject()->getType()) and
!$this->isAdministrationObject()
)
{
$ilToolbar->setFormAction($this->ctrl->getFormAction($this));
if(!$this->isAdminRoleFolder())
{
$ilToolbar->addButton($this->lng->txt('rbac_add_new_local_role'),$this->ctrl->getLinkTarget($this,'displayAddRoleForm'));
}
$ilToolbar->addButton($this->lng->txt('rbac_import_role'),$this->ctrl->getLinkTarget($this,'displayImportRoleForm'));
}
$this->__initSubTabs("perm");
if(!$table instanceof ilTable2GUI)
{
include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
$table = new ilObjectRolePermissionTableGUI($this,'perm',$this->getCurrentObject()->getRefId());
}
$table->parse();
$this->tpl->setContent($table->getHTML());
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilPermissionGUI::resetFilter ( )
protected

Reset filter.

Returns

Definition at line 191 of file class.ilPermissionGUI.php.

References getCurrentObject(), and perm().

{
include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
$table = new ilObjectRolePermissionTableGUI($this,'perm',$this->getCurrentObject()->getRefId());
$table->resetOffset();
$table->resetFilter();
return $this->perm($table);
}

+ Here is the call graph for this function:

ilPermissionGUI::savePermissions ( )
protected

Save permissions.

Returns

Definition at line 295 of file class.ilPermissionGUI.php.

References $_POST, $log, ilRbacLog\add(), applyRoleFilter(), ilRbacLog\diffFaPa(), ilRbacLog\EDIT_PERMISSIONS, ilRbacLog\gatherFaPa(), getCurrentObject(), ilObjectFactory\getInstanceByObjId(), hasContainerCommands(), initRoleFolder(), ilRbacReview\lookupCreateOperationIds(), perm(), ilUtil\sendSuccess(), and showConfirmBlockRole().

{
global $rbacreview,$objDefinition,$rbacadmin;
include_once './Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
$table = new ilObjectRolePermissionTableGUI($this,'perm',$this->getCurrentObject()->getRefId());
$roles = $this->applyRoleFilter(
$rbacreview->getParentRoleIds($this->getCurrentObject()->getRefId()),
$table->getFilterItemByPostVar('role')->getValue()
);
// Log history
include_once "Services/AccessControl/classes/class.ilRbacLog.php";
$log_old = ilRbacLog::gatherFaPa($this->getCurrentObject()->getRefId(),array_keys((array) $roles));
# all possible create permissions
$possible_ops_ids = $rbacreview->getOperationsByTypeAndClass(
$this->getCurrentObject()->getType(),
'create'
);
# createable (activated) create permissions
$create_types = $objDefinition->getCreatableSubObjects(
$this->getCurrentObject()->getType()
);
$createable_ops_ids = ilRbacReview::lookupCreateOperationIds(array_keys((array) $create_types));
foreach((array) $roles as $role => $role_data)
{
if($role_data['protected'])
{
continue;
}
$new_ops = array_keys((array) $_POST['perm'][$role]);
$old_ops = $rbacreview->getRoleOperationsOnObject(
$role,
$this->getCurrentObject()->getRefId()
);
// Add operations which were enabled and are not activated.
foreach($possible_ops_ids as $create_ops_id)
{
if(in_array($create_ops_id,$createable_ops_ids))
{
continue;
}
if(in_array($create_ops_id,$old_ops))
{
$new_ops[] = $create_ops_id;
}
}
$rbacadmin->revokePermission(
$this->getCurrentObject()->getRefId(),
$role
);
$rbacadmin->grantPermission(
$role,
array_unique($new_ops),
$this->getCurrentObject()->getRefId()
);
}
// Handle local policies.
$rolf_id = $this->initRoleFolder(count((array) $_POST['inherit']) ? true : false);
$relevant_roles = array_intersect(
$rbacreview->getRolesOfRoleFolder($rolf_id),
array_keys($roles)
);
if(ilPermissionGUI::hasContainerCommands($this->getCurrentObject()->getType()))
{
foreach($roles as $role)
{
// No action for local roles
if($role['parent'] == $rolf_id and $role['assign'] == 'y')
{
continue;
}
// Nothing for protected roles
if($role['protected'])
{
continue;
}
// Stop local policy
if($role['parent'] == $rolf_id and !isset($_POST['inherit'][$role['obj_id']]))
{
$role_obj = ilObjectFactory::getInstanceByObjId($role['obj_id']);
$role_obj->setParent($rolf_id);
$role_obj->delete();
continue;
}
// Add local policy
if($role['parent'] != $rolf_id and isset($_POST['inherit'][$role['obj_id']]))
{
$rbacadmin->copyRoleTemplatePermissions(
$role['obj_id'],
$role['parent'],
$rolf_id,
$role['obj_id']
);
$rbacadmin->assignRoleToFolder($role['obj_id'],$rolf_id,'n');
}
}
}
// Protect permissions
if(ilPermissionGUI::hasContainerCommands($this->getCurrentObject()->getType()))
{
foreach($roles as $role)
{
if($rbacreview->isAssignable($role['obj_id'], $rolf_id))
{
if(isset($_POST['protect'][$role['obj_id']]) and
!$rbacreview->isProtected($rolf_id, $role['obj_id']))
{
$rbacadmin->setProtected($rolf_id, $role['obj_id'], 'y');
}
elseif(!isset($_POST['protect'][$role['obj_id']]) and
$rbacreview->isProtected($rolf_id, $role['obj_id']))
{
$rbacadmin->setProtected($rolf_id, $role['obj_id'], 'n');
}
}
}
}
$log_new = ilRbacLog::gatherFaPa($this->getCurrentObject()->getRefId(),array_keys((array) $roles));
$log = ilRbacLog::diffFaPa($log_old, $log_new);
ilRbacLog::add(ilRbacLog::EDIT_PERMISSIONS, $this->getCurrentObject()->getRefId(), $log);
if(count((array) $_POST['block']))
{
return $this->showConfirmBlockRole(array_keys($_POST['block']));
}
ilUtil::sendSuccess($this->lng->txt('settings_saved'),true);
#$this->ctrl->redirect($this,'perm');
$this->perm();
}

+ Here is the call graph for this function:

ilPermissionGUI::showConfirmBlockRole (   $a_roles)
protected

Show block role confirmation screen.

Parameters
array$a_roles
Returns

Definition at line 446 of file class.ilPermissionGUI.php.

References ilObjRole\_getTranslation(), ilObject\_lookupTitle(), and ilUtil\sendInfo().

Referenced by savePermissions().

{
ilUtil::sendInfo($this->lng->txt('role_confirm_block_role_info'));
include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
$confirm = new ilConfirmationGUI();
$confirm->setFormAction($this->ctrl->getFormAction($this));
$confirm->setHeaderText($this->lng->txt('role_confirm_block_role_header'));
$confirm->setConfirm($this->lng->txt('role_block_role'), 'blockRoles');
$confirm->setCancel($this->lng->txt('cancel'), 'perm');
foreach($a_roles as $role_id)
{
include_once './Services/AccessControl/classes/class.ilObjRole.php';
$confirm->addItem(
'roles[]',
$role_id,
ilObjRole::_getTranslation(ilObject::_lookupTitle($role_id)));
}
$this->tpl->setContent($confirm->getHTML());
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

Field Documentation

ilPermissionGUI::$current_obj = null
protected

Definition at line 21 of file class.ilPermissionGUI.php.

The documentation for this class was generated from the following file: