4 include_once
'./Services/AccessControl/classes/class.ilPermission2GUI.php';
39 global $rbacsystem,
$ilErr;
42 if (!$rbacsystem->checkAccess(
"edit_permission",$this->gui_obj->object->getRefId()))
44 $ilErr->raiseError($this->lng->txt(
"permission_denied"),$ilErr->MESSAGE);
47 $next_class = $this->ctrl->getNextClass($this);
52 $this->ctrl->setReturn($this,
'perm');
53 include_once(
"Services/AccessControl/classes/class.ilObjRoleGUI.php");
55 $this->gui_obj->setBackTarget($this->lng->txt(
"perm_settings"),$this->ctrl->getLinkTarget($this,
"perm"));
56 $ret = $this->ctrl->forwardCommand($this->gui_obj);
59 case 'ildidactictemplategui':
60 $this->ctrl->setReturn($this,
'perm');
61 include_once
'./Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
63 $this->ctrl->forwardCommand($did);
66 case 'ilrepositorysearchgui':
68 include_once(
'./Services/Search/classes/class.ilRepositorySearchGUI.php');
70 $this->ctrl->forwardCommand($rep_search);
74 $cmd = $this->ctrl->getCmd();
89 return $this->gui_obj->object;
97 include_once
'./Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
98 $this->ctrl->setReturn($this,
'perm');
99 $this->ctrl->setCmdClass(
'ildidactictemplategui');
101 $this->ctrl->forwardCommand($dtpl_gui,
'confirmTemplateSwitch');
111 global $objDefinition, $ilToolbar;
113 include_once
'./Services/DidacticTemplate/classes/class.ilDidacticTemplateGUI.php';
115 if($dtpl->appendToolbarSwitch(
117 $this->getCurrentObject()->getType(),
121 $ilToolbar->addSeparator();
124 if($objDefinition->hasLocalRoles($this->getCurrentObject()->getType()) and
128 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
132 $ilToolbar->addButton($this->lng->txt(
'rbac_add_new_local_role'),$this->ctrl->getLinkTarget($this,
'displayAddRoleForm'));
134 $ilToolbar->addButton($this->lng->txt(
'rbac_import_role'),$this->ctrl->getLinkTarget($this,
'displayImportRoleForm'));
141 include_once
'./Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
145 $this->tpl->setContent($table->getHTML());
180 include_once
'./Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
182 $table->resetOffset();
183 $table->writeFilterToSession();
184 return $this->
perm($table);
193 include_once
'./Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
195 $table->resetOffset();
196 $table->resetFilter();
198 return $this->
perm($table);
211 if(isset($a_roles[SYSTEM_ROLE_ID]))
213 unset($a_roles[SYSTEM_ROLE_ID]);
216 switch ($a_filter_id)
226 $arr_global_roles = $rbacreview->getGlobalRoles();
227 $arr_remove_roles = array_diff(array_keys($a_roles),$arr_global_roles);
229 foreach ($arr_remove_roles as $role_id)
231 unset($a_roles[$role_id]);
237 $arr_global_roles = $rbacreview->getGlobalRoles();
239 foreach ($arr_global_roles as $role_id)
241 unset($a_roles[$role_id]);
249 $role_folder = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
256 $arr_local_roles = $rbacreview->getRolesOfRoleFolder($role_folder[
"ref_id"]);
257 $arr_remove_roles = array_diff(array_keys($a_roles),$arr_local_roles);
259 foreach ($arr_remove_roles as $role_id)
261 unset($a_roles[$role_id]);
269 $role_folder = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
276 $arr_local_roles = $rbacreview->getRolesOfRoleFolder($role_folder[
"ref_id"],
false);
277 $arr_remove_roles = array_diff(array_keys($a_roles),$arr_local_roles);
279 foreach ($arr_remove_roles as $role_id)
281 unset($a_roles[$role_id]);
297 global $rbacreview,$objDefinition,$rbacadmin;
299 include_once
'./Services/AccessControl/classes/class.ilObjectRolePermissionTableGUI.php';
303 $rbacreview->getParentRoleIds($this->getCurrentObject()->getRefId()),
304 $table->getFilterItemByPostVar(
'role')->getValue()
308 include_once
"Services/AccessControl/classes/class.ilRbacLog.php";
312 # all possible create permissions
313 $possible_ops_ids = $rbacreview->getOperationsByTypeAndClass(
318 # createable (activated) create permissions
319 $create_types = $objDefinition->getCreatableSubObjects(
324 foreach((array) $roles as $role => $role_data)
326 if($role_data[
'protected'])
331 $new_ops = array_keys((array)
$_POST[
'perm'][$role]);
332 $old_ops = $rbacreview->getRoleOperationsOnObject(
338 foreach($possible_ops_ids as $create_ops_id)
340 if(in_array($create_ops_id,$createable_ops_ids))
344 if(in_array($create_ops_id,$old_ops))
346 $new_ops[] = $create_ops_id;
350 $rbacadmin->revokePermission(
355 $rbacadmin->grantPermission(
357 array_unique($new_ops),
364 $relevant_roles = array_intersect(
365 $rbacreview->getRolesOfRoleFolder($rolf_id),
371 foreach($roles as $role)
374 if($role[
'parent'] == $rolf_id and $role[
'assign'] ==
'y')
379 if($role[
'protected'])
384 if($role[
'parent'] == $rolf_id and !isset($_POST[
'inherit'][$role[
'obj_id']]))
387 $role_obj->setParent($rolf_id);
392 if($role[
'parent'] != $rolf_id and isset($_POST[
'inherit'][$role[
'obj_id']]))
394 $rbacadmin->copyRoleTemplatePermissions(
400 $rbacadmin->assignRoleToFolder($role[
'obj_id'],$rolf_id,
'n');
408 foreach($roles as $role)
410 if($rbacreview->isAssignable($role[
'obj_id'], $rolf_id))
412 if(isset($_POST[
'protect'][$role[
'obj_id']]) and
413 !$rbacreview->isProtected($rolf_id, $role[
'obj_id']))
415 $rbacadmin->setProtected($rolf_id, $role[
'obj_id'],
'y');
417 elseif(!isset($_POST[
'protect'][$role[
'obj_id']]) and
418 $rbacreview->isProtected($rolf_id, $role[
'obj_id']))
420 $rbacadmin->setProtected($rolf_id, $role[
'obj_id'],
'n');
430 if(count((array) $_POST[
'block']))
437 #$this->ctrl->redirect($this,'perm');
450 include_once
'./Services/Utilities/classes/class.ilConfirmationGUI.php';
452 $confirm->setFormAction($this->ctrl->getFormAction($this));
453 $confirm->setHeaderText($this->lng->txt(
'role_confirm_block_role_header'));
454 $confirm->setConfirm($this->lng->txt(
'role_block_role'),
'blockRoles');
455 $confirm->setCancel($this->lng->txt(
'cancel'),
'perm');
457 foreach($a_roles as $role_id)
459 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
466 $this->tpl->setContent($confirm->getHTML());
476 global $rbacadmin,$rbacreview;
478 $rolf = $rbacreview->getRoleFolderIdOfObject($this->
getCurrentObject()->getRefId());
480 $p_roles = $rbacreview->getParentRoleIds($this->
getCurrentObject()->getRefId());
483 foreach($roles as $role)
486 $assign = $rbacreview->isAssignable($role, $rolf) ?
'y' :
'n';
489 $rbacadmin->revokeSubtreePermissions($this->
getCurrentObject()->getRefId(), $role);
492 $rbacadmin->deleteSubtreeTemplates($this->
getCurrentObject()->getRefId(), $role);
495 $rbacadmin->assignRoleToFolder(
503 $this->ctrl->redirect($this,
'perm');
515 $rolf_id = $rbacreview->getRoleFolderIdOfObject($this->
getCurrentObject()->getRefId());
522 return $rolf->getRefId();
532 global $objDefinition;
534 return $objDefinition->isContainer($a_type) and $a_type !=
'root' and $a_type !=
'adm' and $a_type !=
'rolf';
549 $GLOBALS[
'tpl']->setContent($form->getHTML());
560 if($form->checkInput())
564 include_once
'./Services/Export/classes/class.ilImport.php';
577 $imp->getMapping()->addMapping(
578 'Services/AccessControl',
581 $rbacreview->getRoleFolderIdOfObject($parent_ref)
586 $_FILES[
"importfile"][
"tmp_name"],
587 $_FILES[
"importfile"][
"name"],
591 $this->ctrl->redirect($this,
'perm');
597 $form->setValuesByPost();
602 $form->setValuesByPost();
612 include_once
'./Services/Form/classes/class.ilPropertyFormGUI.php';
614 $form->setFormAction($this->ctrl->getFormAction($this));
615 $form->setTitle($this->lng->txt(
'rbac_import_role'));
616 $form->addCommandButton(
'doImportRole', $this->lng->txt(
'import'));
617 $form->addCommandButton(
'perm', $this->lng->txt(
'cancel'));
619 $zip =
new ilFileInputGUI($this->lng->txt(
'import_file'),
'importfile');
621 $form->addItem($zip);
634 global $rbacreview,$objDefinition;
636 include_once
'./Services/Form/classes/class.ilPropertyFormGUI.php';
638 $form->setFormAction($this->ctrl->getFormAction($this));
639 $form->setTitle($this->lng->txt(
'role_new'));
640 $form->addCommandButton(
'addrole',$this->lng->txt(
'role_new'));
641 $form->addCommandButton(
'perm', $this->lng->txt(
'cancel'));
644 $title->setValidationRegexp(
'/^(?!il_).*$/');
645 $title->setValidationFailureMessage($this->lng->txt(
'msg_role_reserved_prefix'));
648 $title->setRequired(
true);
654 $form->addItem($desc);
657 $pro->
setInfo($this->lng->txt(
'role_protect_permissions_desc'));
659 $form->addItem($pro);
662 $pd->
setInfo($this->lng->txt(
'rbac_role_add_to_desktop_info'));
670 $option =
new ilRadioOption($this->lng->txt(
"rbac_role_rights_copy_empty"), 0);
671 $rights->addOption($option);
673 $parent_role_ids = $rbacreview->getParentRoleIds($this->gui_obj->object->getRefId(),
true);
675 foreach($parent_role_ids as $id => $tmp)
681 $sorted_ids =
ilUtil::_sortIds($ids,
'object_data',
'type DESC,title',
'obj_id');
687 foreach($sorted_ids as $id)
689 $par = $parent_role_ids[$id];
690 if ($par[
"obj_id"] != SYSTEM_ROLE_ID)
692 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
694 $option->
setInfo($par[
"desc"]);
695 $rights->addOption($option);
699 $form->addItem($rights);
703 if($objDefinition->isContainer($this->getCurrentObject()->getType()))
705 $check =
new ilCheckboxInputGui($this->lng->txt(
"rbac_role_rights_copy_change_existing"),
'existing');
706 $check->setInfo($this->lng->txt(
'rbac_change_existing_objects_desc_new_role'));
707 $form->addItem($check);
722 $this->tpl->setContent($form->getHTML());