4 include_once (
'./Services/Table/classes/class.ilTable2GUI.php');
5 include_once
'./Services/AccessControl/classes/class.ilPermissionGUI.php';
37 public function __construct($a_parent_obj,$a_parent_cmd, $a_ref_id)
43 $this->lng->loadLanguageModule(
'rbac');
45 $this->ref_id = $a_ref_id;
46 $this->tree_path_ids = $tree->getPathId($this->ref_id);
47 $this->role_folder_id = $rbacreview->getRoleFolderIdOfObject($this->
getRefId());
49 $this->
setId(
'objroleperm_'.$this->ref_id);
51 $tpl->addJavaScript(
'./Services/AccessControl/js/ilPermSelect.js');
53 $this->
setTitle($this->lng->txt(
'permission_settings'));
56 $this->
setFormAction($ilCtrl->getFormAction($a_parent_obj, $a_parent_cmd));
58 $this->
setRowTemplate(
"tpl.obj_role_perm_row.html",
"Services/AccessControl");
121 $this->activeOperations[] = $a_ops_id;
140 $this->visible_roles = $a_ar;
168 if ($tree->checkForParentType($this->getRefId(),
'crs') or
169 $tree->checkForParentType($this->getRefId(),
'grp'))
171 $roles->setValue(self::ROLE_FILTER_LOCAL);
175 $roles->setValue(self::ROLE_FILTER_ALL);
182 self::ROLE_FILTER_ALL => $this->lng->txt(
'filter_all_roles'),
183 self::ROLE_FILTER_GLOBAL => $this->lng->txt(
'filter_global_roles'),
184 self::ROLE_FILTER_LOCAL => $this->lng->txt(
'filter_local_roles'),
185 self::ROLE_FILTER_LOCAL_POLICY => $this->lng->txt(
'filter_roles_local_policy'),
186 self::ROLE_FILTER_LOCAL_OBJECT => $this->lng->txt(
'filter_local_roles_object')
199 global $objDefinition;
203 if(isset(
$row[
'show_local_policy_row']))
205 foreach(
$row[
'roles'] as $role_id => $role_info)
207 $this->tpl->setCurrentBlock(
'role_option');
208 $this->tpl->setVariable(
'INHERIT_ROLE_ID',$role_id);
209 $this->tpl->setVariable(
'INHERIT_CHECKED',$role_info[
'local_policy'] ?
'checked=checked' :
'');
210 $this->tpl->setVariable(
'INHERIT_DISABLED',($role_info[
'protected'] or $role_info[
'isLocal']) ?
'disabled="disabled"' :
'');
211 $this->tpl->setVariable(
'TXT_INHERIT',$this->lng->txt(
'rbac_local_policy'));
212 $this->tpl->setVariable(
'INHERIT_LONG',$this->lng->txt(
'perm_use_local_policy_desc'));
213 $this->tpl->parseCurrentBlock();
218 if(isset(
$row[
'show_protected_row']))
220 foreach(
$row[
'roles'] as $role_id => $role_info)
222 $this->tpl->setCurrentBlock(
'role_protect');
223 $this->tpl->setVariable(
'PROTECT_ROLE_ID',$role_id);
224 $this->tpl->setVariable(
'PROTECT_CHECKED',$role_info[
'protected_status'] ?
'checked=checked' :
'');
225 $this->tpl->setVariable(
'PROTECT_DISABLED',$role_info[
'protected_allowed'] ?
'' :
'disabled="disabled"');
226 $this->tpl->setVariable(
'TXT_PROTECT',$this->lng->txt(
'role_protect_permissions'));
227 $this->tpl->setVariable(
'PROTECT_LONG',$this->lng->txt(
'role_protect_permissions_desc'));
228 $this->tpl->parseCurrentBlock();
234 if(isset(
$row[
'show_block_row']))
238 $this->tpl->setCurrentBlock(
'role_block');
239 $this->tpl->setVariable(
'BLOCK_ROLE_ID',$role_info[
'obj_id']);
240 $this->tpl->setVariable(
'TXT_BLOCK',$this->lng->txt(
'role_block_role'));
241 $this->tpl->setVariable(
'BLOCK_LONG',$this->lng->txt(
'role_block_role_desc'));
242 if($role_info[
'protected'] ==
'y')
244 $this->tpl->setVariable(
'BLOCK_DISABLED',
'disabled="disabled');
247 $this->tpl->parseCurrentBlock();
253 if(isset(
$row[
'show_select_all']))
257 $this->tpl->setCurrentBlock(
'role_select_all');
258 $this->tpl->setVariable(
'JS_ROLE_ID',$role[
'obj_id']);
259 $this->tpl->setVariable(
'JS_SUBID',
$row[
'subtype']);
260 $this->tpl->setVariable(
'JS_ALL_PERMS',
"['".implode(
"','",
$row[
'ops']).
"']");
261 $this->tpl->setVariable(
'JS_FORM_NAME',$this->
getFormName());
262 $this->tpl->setVariable(
'TXT_SEL_ALL',$this->lng->txt(
'select_all'));
263 $this->tpl->parseCurrentBlock();
269 if(isset(
$row[
'show_start_info']))
271 $this->tpl->setCurrentBlock(
'section_info');
272 $this->tpl->setVariable(
'SECTION_TITLE',$this->lng->txt(
'perm_class_object'));
273 $this->tpl->setVariable(
'SECTION_DESC',$this->lng->txt(
'perm_class_object_desc'));
274 $this->tpl->parseCurrentBlock();
279 if(isset(
$row[
'show_create_info']))
281 $this->tpl->setCurrentBlock(
'section_info');
282 $this->tpl->setVariable(
'SECTION_TITLE',$this->lng->txt(
'perm_class_create'));
283 $this->tpl->setVariable(
'SECTION_DESC',$this->lng->txt(
'perm_class_create_desc'));
284 $this->tpl->parseCurrentBlock();
289 foreach((array)
$row[
'roles'] as $role_id => $role_info)
291 $this->tpl->setCurrentBlock(
'role_td');
292 $this->tpl->setVariable(
'PERM_ROLE_ID',$role_id);
293 $this->tpl->setVariable(
'PERM_PERM_ID',
$row[
'perm'][
'ops_id']);
296 if(substr(
$row[
'perm'][
'operation'],0,6) ==
'create')
298 if ($objDefinition->isPlugin(substr(
$row[
'perm'][
'operation'],7)))
301 "obj_".substr(
$row[
'perm'][
'operation'],7));
305 $perm = $this->lng->txt(
'obj_'.substr(
$row[
'perm'][
'operation'],7));
310 $perm = $this->lng->txt(
$row[
'perm'][
'operation']);
313 $this->tpl->setVariable(
'TXT_PERM',$perm);
315 if ($objDefinition->isPlugin($this->getObjType()))
322 $this->tpl->setVariable(
'PERM_LONG',$this->lng->txt($this->getObjType().
'_'.
$row[
'perm'][
'operation']));
325 if($role_info[
'protected'])
327 $this->tpl->setVariable(
'PERM_DISABLED',$role_info[
'protected'] ?
'disabled="disabled"' :
'');
329 if($role_info[
'permission_set'])
331 $this->tpl->setVariable(
'PERM_CHECKED',
'checked="checked"');
334 $this->tpl->parseCurrentBlock();
345 global $rbacreview,$objDefinition;
354 return $this->
setData(array());
358 $operations = array();
361 $operations[$role_data[
'obj_id']] = $rbacreview->getActiveOperationsOfRole($this->
getRefId(), $role_data[
'obj_id']);
366 $rolf = $rbacreview->getRoleFolderIdOfObject($this->
getRefId());
372 $local_roles = $rbacreview->getRoleFolderIdOfObject($this->
getRefId());
373 $local_roles = $rbacreview->getRolesOfRoleFolder($local_roles);
376 $roles[$role_data[
'obj_id']] = array(
377 'protected' => $role_data[
'protected'],
378 'local_policy' => in_array($role_data[
'obj_id'],$local_roles),
379 'isLocal' => ($rolf == $role_data[
'parent']) && $role_data[
'assign'] ==
'y'
382 $perms[$counter][
'roles'] =
$roles;
383 $perms[$counter][
'show_local_policy_row'] = 1;
394 $roles[$role_data[
'obj_id']] = array(
395 'protected_allowed' => $rbacreview->isAssignable($role_data[
'obj_id'],$rolf),
396 'protected_status' => $rbacreview->isProtected($role_data[
'parent'], $role_data[
'obj_id'])
399 $perms[$counter][
'roles'] =
$roles;
400 $perms[$counter][
'show_protected_row'] = 1;
407 $perms[$counter++][
'show_block_row'] = 1;
413 $perms[$counter++][
'show_start_info'] =
true;
417 $no_creation_operations = array();
418 foreach($rbacreview->getOperationsByTypeAndClass($this->getObjType(),
'object') as $operation)
421 $no_creation_operations[] = $operation;
427 $roles[$role_data[
'obj_id']] =
429 'protected' => $role_data[
'protected'],
430 'permission_set' => in_array($operation,(array) $operations[$role_data[
'obj_id']])
434 $op = $rbacreview->getOperation($operation);
436 $perms[$counter][
'roles'] =
$roles;
437 $perms[$counter][
'perm'] = $op;
445 if($no_creation_operations)
447 $perms[$counter][
'show_select_all'] = 1;
448 $perms[$counter][
'ops'] = $no_creation_operations;
449 $perms[$counter][
'subtype'] =
'nocreation';
454 if($objDefinition->isContainer($this->getObjType()))
456 $perms[$counter++][
'show_create_info'] =
true;
460 $objects = $objDefinition->getCreatableSubObjects($this->
getObjType());
462 $creation_operations = array();
463 foreach($objects as
$type => $info)
465 $ops_id = $ops_ids[
$type];
473 $creation_operations[] = $ops_id;
478 $roles[$role_data[
'obj_id']] =
480 'protected' => $role_data[
'protected'],
481 'permission_set' => in_array($ops_id,(array) $operations[$role_data[
'obj_id']])
485 $op = $rbacreview->getOperation($ops_id);
487 $perms[$counter][
'roles'] =
$roles;
488 $perms[$counter][
'perm'] = $op;
496 if(count($creation_operations))
498 $perms[$counter][
'show_select_all'] = 1;
499 $perms[$counter][
'ops'] = $creation_operations;
500 $perms[$counter][
'subtype'] =
'creation';
528 $column_widht =
"0%";
531 $all_roles = array();
534 if($role[
'obj_id'] == SYSTEM_ROLE_ID)
539 $role[
'role_type'] = $rbacreview->isGlobalRole($role[
'obj_id']) ?
'global' :
'local';
550 $all_roles[] = $role;
564 global $rbacreview,$tree;
567 $protected_status = $rbacreview->isProtected($role[
'parent'], $role[
'obj_id']) ?
'protected_' :
'';
568 if($role[
'role_type'] ==
'global')
570 $tp = $this->lng->txt(
'perm_'.$protected_status.
'global_role');
574 $tp = $this->lng->txt(
'perm_'.$protected_status.
'local_role');
577 $inheritance_seperator =
': ';
581 ($role[
'assign'] ==
'y' and $role[
'role_type'] !=
'global') or
582 ($role[
'assign'] ==
'n' and $role[
'role_type'] !=
'global')
587 $obj = $rbacreview->getObjectOfRole($role[
'obj_id']);
591 $this->lng->txt(
'perm_role_path_info_created'),
594 $inheritance_seperator =
', ';
598 $role_hierarchy = $rbacreview->getObjectsWithStopedInheritance($role[
'obj_id']);
599 $path_hierarchy = array_intersect($role_hierarchy, $this->
getPathIds());
600 $reduced_path_hierarchy = (array) array_diff(
604 $rbacreview->getObjectReferenceOfRole($role[
'obj_id'])
609 if($role[
'assign'] ==
'n' and count($reduced_path_hierarchy))
611 $tp .= $inheritance_seperator;
613 $parent = end($reduced_path_hierarchy);
616 $tp .= sprintf($this->lng->txt(
'perm_role_path_info_inheritance'),$this->lng->txt(
'obj_'.$p_type),$p_title);
631 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
637 return $role[
'title'];
639 $ilCtrl->setParameterByClass(
'ilobjrolegui',
'rolf_ref_id', $this->
getRoleFolderId());
640 $ilCtrl->setParameterByClass(
'ilobjrolegui',
'obj_id', $role[
'obj_id']);
642 return '<a class="tblheader" href="'.$ilCtrl->getLinkTargetByClass(
'ilobjrolegui',
'').
'" >'.$role[
'title'].
'</a>';