24 require_once
"./Services/Object/classes/class.ilObjectGUI.php";
56 $this->
ilObjectGUI($a_data,$a_id,$a_call_by_reference,
false);
57 $lng->loadLanguageModule(
'rbac');
64 $next_class = $this->ctrl->getNextClass($this);
65 $cmd = $this->ctrl->getCmd();
71 case 'ilpermissiongui':
72 include_once(
"Services/AccessControl/classes/class.ilPermissionGUI.php");
74 $ret =& $this->ctrl->forwardCommand($perm_gui);
98 global
$ilErr, $rbacsystem, $ilToolbar,$rbacreview,$ilTabs;
100 $ilTabs->activateTab(
'view');
102 if(!$rbacsystem->checkAccess(
'visible,read',$this->object->getRefId()))
104 $ilErr->raiseError($this->lng->txt(
'permission_denied'),$ilErr->MESSAGE);
107 $this->ctrl->setParameter($this,
'new_type',
'role');
108 $ilToolbar->addButton(
109 $this->lng->txt(
'rolf_create_role'),
110 $this->ctrl->getLinkTarget($this,
'create')
113 $this->ctrl->setParameter($this,
'new_type',
'rolt');
114 $ilToolbar->addButton(
115 $this->lng->txt(
'rolf_create_rolt'),
116 $this->ctrl->getLinkTarget($this,
'create')
118 $this->ctrl->clearParameters($this);
120 $ilToolbar->addButton(
121 $this->lng->txt(
'rbac_import_role'),
122 $this->ctrl->getLinkTargetByClass(
'ilPermissionGUI',
'displayImportRoleForm')
125 include_once
'./Services/AccessControl/classes/class.ilRoleTableGUI.php';
128 $table->parse($this->object->getId());
130 $this->tpl->setContent($table->getHTML());
138 global $rbacsystem,
$ilCtrl, $ilTabs;
140 $ilTabs->clearTargets();
141 $ilTabs->setBackTarget(
142 $this->lng->txt(
'rbac_back_to_overview'),
143 $this->ctrl->getLinkTarget($this,
'view')
146 if(!$rbacsystem->checkAccess(
'visible,read',$this->object->getRefId()))
148 $ilErr->raiseError($this->lng->txt(
'permission_denied'),
$ilErr->MESSAGE);
151 $ilCtrl->setParameter($this,
'copy_source',(
int)
$_REQUEST[
'copy_source']);
155 $this->tpl->setContent($form->getHTML());
165 include_once
'./Services/Form/classes/class.ilPropertyFormGUI.php';
167 $form->setTitle($this->lng->txt(
'rbac_role_title'));
168 $form->setFormAction($ilCtrl->getFormAction($this,
'view'));
172 $search->setSize(30);
173 $search->setMaxLength(255);
174 $form->addItem($search);
176 $form->addCommandButton(
'roleSearchForm', $this->lng->txt(
'search'));
191 $ilCtrl->setParameter($this,
'copy_source',(
int)
$_REQUEST[
'copy_source']);
194 if($form->checkInput())
196 $_SESSION[
'rolf_search_query'] = $form->getInput(
'title');
201 $form->setValuesByPost();
202 $ilCtrl->redirect($this,
'roleSearch');
212 $ilTabs->clearTargets();
213 $ilTabs->setBackTarget(
214 $this->lng->txt(
'rbac_back_to_overview'),
215 $this->ctrl->getLinkTarget($this,
'roleSearchList')
218 $ilCtrl->setParameter($this,
'copy_source',(
int)
$_REQUEST[
'copy_source']);
220 if(strlen(
$_SESSION[
'rolf_search_query']))
224 include_once
'./Services/AccessControl/classes/class.ilRoleTableGUI.php';
227 $table->setRoleTitleFilter(
$_SESSION[
'rolf_search_query']);
229 $table->parse($this->object->getId());
230 return $this->tpl->setContent($table->getHTML());
234 $ilCtrl->redirect($this,
'roleSearch');
245 $ilTabs->clearTargets();
246 $ilTabs->setBackTarget(
247 $this->lng->txt(
'rbac_back_to_overview'),
248 $this->ctrl->getLinkTarget($this,
'roleSearchList')
253 $ilCtrl->setParameter($this,
'copy_source',(
int)
$_REQUEST[
'copy_source']);
256 $this->tpl->setContent($form->getHTML());
266 include_once
'./Services/Form/classes/class.ilPropertyFormGUI.php';
268 $form->setTitle($this->lng->txt(
'rbac_copy_behaviour'));
269 $form->setFormAction($ilCtrl->getFormAction($this,
'chooseCopyBehaviour'));
276 $ceo =
new ilRadioOption($this->lng->txt(
'change_existing_objects'),1);
277 $ce->addOption($ceo);
279 $cne =
new ilRadioOption($this->lng->txt(
'rbac_not_change_existing_objects'), 0);
280 $ce->addOption($cne);
283 $roles->setValue(implode(
',',(array)
$_POST[
'roles']));
284 $form->addItem($roles);
290 $form->addCommandButton(
'addRolePermissions', $this->lng->txt(
'rbac_copy_role_add_perm'));
291 $form->addCommandButton(
'removeRolePermissions', $this->lng->txt(
'rbac_copy_role_remove_perm'));
292 $form->addCommandButton(
'copyRole', $this->lng->txt(
'rbac_copy_role_copy'));
296 $form->addCommandButton(
'copyRole', $this->lng->txt(
'rbac_copy_role'));
310 $roles = explode(
',',
$_POST[
'roles']);
311 $source = (int)
$_REQUEST[
'copy_source'];
314 if($form->checkInput())
316 foreach((array) $roles as $role_id)
318 if($role_id != $source)
320 $this->
doCopyRole($source,$role_id,$form->getInput(
'change_existing'));
325 $ilCtrl->redirect($this,
'view');
337 $roles = explode(
',',
$_POST[
'roles']);
338 $source = (int)
$_REQUEST[
'copy_source'];
341 if($form->checkInput())
343 foreach((array) $roles as $role_id)
345 if($role_id != $source)
352 $ilCtrl->redirect($this,
'view');
361 global $rbacadmin, $rbacreview;
363 $rbacadmin->copyRolePermissionUnion(
365 $this->object->getRefId(),
367 $rbacreview->getRoleFolderOfRole($target),
369 $rbacreview->getRoleFolderOfRole($target)
381 $roles = explode(
',',
$_POST[
'roles']);
382 $source = (int)
$_REQUEST[
'copy_source'];
385 if($form->checkInput())
387 foreach((array) $roles as $role_id)
389 if($role_id != $source)
396 $ilCtrl->redirect($this,
'view');
405 global $rbacadmin, $rbacreview;
407 $rbacadmin->copyRolePermissionSubtract(
409 $this->object->getRefId(),
411 $rbacreview->getRoleFolderOfRole($target)
427 protected function doCopyRole($source, $target, $change_existing)
429 global
$tree, $rbacadmin, $rbacreview;
431 $target_obj = $rbacreview->getRoleFolderOfRole($target);
434 $rbacadmin->copyRoleTemplatePermissions(
436 $this->object->getRefId(),
441 if(!$change_existing || !$target_obj)
446 $start = $target_obj;
448 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
449 if($rbacreview->isProtected($this->object->getRefId(),$source))
461 $role->changeExistingObjects(
474 include_once
'./Services/AccessControl/classes/class.ilRoleTableGUI.php';
477 $table->resetOffset();
478 $table->writeFilterToSession();
488 include_once
'./Services/AccessControl/classes/class.ilRoleTableGUI.php';
491 $table->resetOffset();
492 $table->resetFilter();
504 if(!count(
$_POST[
'roles']))
507 $ilCtrl->redirect($this,
'view');
510 $question = $this->lng->txt(
'rbac_role_delete_qst');
512 include_once
'./Services/Utilities/classes/class.ilConfirmationGUI.php';
514 $confirm->setHeaderText($question);
515 $confirm->setFormAction($ilCtrl->getFormAction($this));
516 $confirm->setHeaderText($this->lng->txt(
"info_delete_sure"));
517 $confirm->setConfirm($this->lng->txt(
'delete'),
'deleteRole');
518 $confirm->setCancel($this->lng->txt(
'cancel'),
'cancel');
521 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
522 foreach(
$_POST[
'roles'] as $role_id)
530 $this->tpl->setContent($confirm->getHTML());
540 if(!$rbacsystem->checkAccess(
'delete',$this->object->getRefId()))
543 $this->lng->txt(
'msg_no_perm_delete'),
548 foreach((array)
$_POST[
'roles'] as $id)
553 if ($obj->getType() ==
"role")
555 $rolf_arr = $rbacreview->getFoldersAssignedToRole($obj->getId(),
true);
556 $obj->setParent($rolf_arr[0]);
564 $ilCtrl->redirect($this,
'view');
578 $this->ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
595 $this->ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
607 $this->ctrl->redirect($this,
"view");
620 $d = $this->objDefinition->getCreatableSubObjects($this->object->getType());
622 if ($this->object->getRefId() != ROLE_FOLDER_ID or !$rbacsystem->checkAccess(
'create_rolt',ROLE_FOLDER_ID))
627 if (!$rbacsystem->checkAccess(
'create_role',$this->object->getRefId()))
640 for ($i=0; $i<count($this->data[
"ctrl"]); $i++)
642 if ($this->data[
"ctrl"][$i][
"type"] == $row[
"name"])
648 if ($row[
"max"] ==
"" || $count < $row[
"max"])
650 $subobj[] = $row[
"name"];
655 if (is_array($subobj))
659 $a_tpl->setCurrentBlock(
"add_object");
660 $a_tpl->setVariable(
"SELECT_OBJTYPE", $opts);
661 $a_tpl->setVariable(
"BTN_NAME",
"create");
662 $a_tpl->setVariable(
"TXT_ADD", $this->lng->txt(
"add"));
663 $a_tpl->parseCurrentBlock();
678 $_GET[
"new_type"] = $this->
object->getType();
679 $_POST[
"Fobject"][
"title"] = $this->
object->getTitle();
680 $_POST[
"Fobject"][
"desc"] = $this->
object->getDescription();
690 $this->ctrl->redirect($this,
"view");
705 $tabs_gui->addTarget(
707 $this->ctrl->getLinkTarget($this,
"view"),
712 $tabs_gui->addTarget(
714 $this->ctrl->getLinkTarget($this,
"editSettings"),
715 array(
"editSettings"),
722 $tabs_gui->addTarget(
"perm_settings",
723 $this->ctrl->getLinkTargetByClass(array(get_class($this),
'ilpermissiongui'),
737 $this->tpl->setContent($a_form->getHTML());
746 $ilErr->raiseError($this->lng->txt(
'permission_denied'),$ilErr->MESSAGE);
750 if($form->checkInput())
752 include_once(
'./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
754 $privacy->enableRbacLog((
int)
$_POST[
'rbac_log']);
755 $privacy->setRbacLogAge((
int) $_POST[
'rbac_log_age']);
758 if($rbacreview->isAssigned($ilUser->getId(),SYSTEM_ROLE_ID))
760 include_once(
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
762 $security->protectedAdminRole((
int) $_POST[
'admin_role']);
767 $this->ctrl->redirect($this,
"editSettings");
770 $form->setValuesByPost();
778 $this->lng->loadLanguageModule(
'ps');
780 include_once(
'./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
781 include_once(
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
785 include_once(
"./Services/Form/classes/class.ilPropertyFormGUI.php");
787 $form->setFormAction($this->ctrl->getFormAction($this,
"saveSettings"));
788 $form->setTitle($this->lng->txt(
'settings'));
792 $admin->setDisabled(!$rbacreview->isAssigned($ilUser->getId(),SYSTEM_ROLE_ID));
793 $admin->setInfo($this->lng->txt(
'adm_adm_role_protect_info'));
794 $admin->setChecked((
int) $security->isAdminRoleProtected());
796 $form->addItem($admin);
798 $check =
new ilCheckboxInputGui($this->lng->txt(
'rbac_log'),
'rbac_log');
799 $check->setInfo($this->lng->txt(
'rbac_log_info'));
800 $check->setChecked($privacy->enabledRbacLog());
801 $form->addItem($check);
803 $age =
new ilNumberInputGUI($this->lng->txt(
'rbac_log_age'),
'rbac_log_age');
804 $age->
setInfo($this->lng->txt(
'rbac_log_age_info'));
805 $age->setValue($privacy->getRbacLogAge());
806 $age->setMinValue(1);
807 $age->setMaxValue(24);
809 $age->setMaxLength(2);
810 $check->addSubItem($age);
812 $form->addCommandButton(
'saveSettings',$this->lng->txt(
'save'));
823 include_once(
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php');
828 return array(array(
"editSettings", $fields));
832 include_once(
'./Services/PrivacySecurity/classes/class.ilPrivacySettings.php');
836 if((
bool)$privacy->enabledRbacLog())
838 $subitems = array(
'rbac_log_age' => $privacy->getRbacLogAge());
842 return array(array(
"editSettings", $fields));