ILIAS  release_10 Revision v10.1-43-ga1241a92c2f
class.ilLocalUserGUI.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
26 class ilLocalUserGUI
27 {
28  private ilObjectGUI $parentGui;
29  private ilTabsGUI $tabsGui;
30  private ilPropertyFormGUI $form;
31  private ilToolbarGUI $toolbar;
32  private ilCtrl $ctrl;
33  private ilGlobalTemplateInterface $tpl;
35  private $object;
36  private ilLanguage $lng;
37  private ilAccessHandler $access;
38  private ilRbacSystem $rbacSystem;
39  private ilRbacReview $rbacReview;
40  private ilRbacAdmin $rbacAdmin;
41  private ilObjUser $user;
42  private \ILIAS\DI\LoggingServices $logger;
43  protected \ILIAS\UI\Factory $ui_factory;
44  protected \ILIAS\HTTP\Wrapper\RequestWrapper $query_wrapper;
45  protected \ILIAS\Refinery\Factory $refinery;
46  private bool $set_unlimited;
47 
48  public function __construct(ilObjectGUI $parentGui)
49  {
50  global $DIC;
51 
52  $this->parentGui = $parentGui;
53  $this->object = $parentGui->getObject();
54  $this->tpl = $DIC->ui()->mainTemplate();
55  $this->ctrl = $DIC->ctrl();
56  $this->toolbar = $DIC->toolbar();
57  $this->lng = $DIC->language();
58  $this->rbacSystem = $DIC->rbac()->system();
59  $this->rbacReview = $DIC->rbac()->review();
60  $this->rbacAdmin = $DIC->rbac()->admin();
61  $this->user = $DIC->user();
62  $this->access = $DIC->access();
63  $this->tabsGui = $DIC->tabs();
64  $this->logger = $DIC->logger();
65  $this->ui_factory = $DIC['ui.factory'];
66  $this->refinery = $DIC['refinery'];
67  $this->query_wrapper = $DIC['http']->wrapper()->query();
68 
69  $this->lng->loadLanguageModule('user');
70  if (!$this->rbacSystem->checkAccess("cat_administrate_users", $this->parentGui->getObject()->getRefId())) {
71  $this->tpl->setOnScreenMessage('failure', $this->lng->txt("msg_no_perm_admin_users"), true);
72  }
73  }
74 
75  public function getRefId()
76  {
77  return $this->getIntFromQuery('ref_id');
78  }
79  protected function getObjId()
80  {
81  return $this->getIntFromQuery('obj_id');
82  }
83 
84  protected function getIntFromQuery(string $var): ?int
85  {
86  return $this->query_wrapper->retrieve(
87  $var,
88  $this->refinery->kindlyTo()->int()
89  );
90  }
91 
92  public function executeCommand(): bool
93  {
94  $cmd = $this->ctrl->getCmd();
95  switch ($cmd) {
96  case "assignRoles":
97  case "assignSave":
98  $this->tabsGui->clearTargets();
99  $this->tabsGui->setBackTarget(
100  $this->lng->txt("back"),
101  $this->ctrl->getLinkTargetByClass("illocalusergui", 'index')
102  );
103  $this->$cmd();
104  break;
105  default:
106  $this->$cmd();
107  break;
108  }
109 
110  return true;
111  }
112  public function getObject(): ilObjOrgUnit
113  {
114  return $this->object;
115  }
116 
117  protected function resetFilter(): void
118  {
119  $table = new ilUserTableGUI($this, "index", ilUserTableGUI::MODE_LOCAL_USER);
120  $table->resetOffset();
121  $table->resetFilter();
122  $this->index();
123  }
124 
125  protected function applyFilter(): void
126  {
127  $table = new ilUserTableGUI($this, "index", ilUserTableGUI::MODE_LOCAL_USER);
128  $table->resetOffset();
129  $table->writeFilterToSession();
130  $this->index();
131  }
132 
133  public function index(bool $show_delete = false): bool
134  {
135  $this->tpl->addBlockfile(
136  'ADM_CONTENT',
137  'adm_content',
138  'tpl.cat_admin_users.html',
139  "components/ILIAS/Category"
140  );
141  if (count($this->rbacReview->getGlobalAssignableRoles())
142  or in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId()))
143  ) {
144  $this->toolbar->addComponent(
145  $this->ui_factory->link()->standard(
146  $this->lng->txt('add_user'),
147  $this->ctrl->getLinkTargetByClass("ilobjusergui", "create")
148  )
149  );
150  $this->toolbar->addComponent(
151  $this->ui_factory->link()->standard(
152  $this->lng->txt('import_users'),
153  $this->ctrl->getLinkTargetByClass("ilobjuserfoldergui", "importUserForm")
154  )
155  );
156  } else {
157  $this->tpl->setOnScreenMessage('info', $this->lng->txt('no_roles_user_can_be_assigned_to'));
158  }
159  if ($show_delete) {
160  $this->tpl->setCurrentBlock("confirm_delete");
161  $this->tpl->setVariable("CONFIRM_FORMACTION", $this->ctrl->getFormAction($this));
162  $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt('cancel'));
163  $this->tpl->setVariable("CONFIRM_CMD", 'performDeleteUsers');
164  $this->tpl->setVariable("TXT_CONFIRM", $this->lng->txt('delete'));
165  $this->tpl->parseCurrentBlock();
166  }
167  $table = new ilUserTableGUI($this, 'index', ilUserTableGUI::MODE_LOCAL_USER);
168  $this->tpl->setVariable('USERS_TABLE', $table->getHTML());
169 
170  return true;
171  }
172 
173  protected function addUserAutoCompleteObject(): void
174  {
175  $auto = new ilUserAutoComplete();
176  $auto->setSearchFields(array('login', 'firstname', 'lastname', 'email'));
177  $auto->enableFieldSearchableCheck(true);
178  $auto->setMoreLinkAvailable(true);
179 
180  if (($_REQUEST['fetchall'])) {
181  $auto->setLimit(ilUserAutoComplete::MAX_ENTRIES);
182  }
183 
184  echo $auto->getList($_REQUEST['term']);
185  exit();
186  }
187 
188  public function performDeleteUsers(): bool
189  {
190  $this->checkPermission("cat_administrate_users");
191  foreach ($_POST['user_ids'] as $user_id) {
192  if (!in_array($user_id, ilLocalUser::_getAllUserIds($this->getRefId()))) {
193  $this->logger->write(__FILE__ . ":" . __LINE__ . " User with id $user_id could not be found.");
194  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('user_not_found_to_delete'));
195  }
196  if (!$tmp_obj = ilObjectFactory::getInstanceByObjId((int) $user_id, false)) {
197  continue;
198  }
199  $tmp_obj->delete();
200  }
201  $this->tpl->setOnScreenMessage('success', $this->lng->txt('deleted_users'), true);
202  $this->ctrl->redirect($this, 'index');
203 
204  return true;
205  }
206 
207  public function deleteUsers(): void
208  {
209  $this->checkPermission("cat_administrate_users");
210  if (!count($_POST['id'])) {
211  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('no_users_selected'));
212  $this->index();
213  return;
214  }
215  $confirm = new ilConfirmationGUI();
216  $confirm->setFormAction($this->ctrl->getFormAction($this));
217  $confirm->setHeaderText($this->lng->txt('sure_delete_selected_users'));
218  $confirm->setConfirm($this->lng->txt('delete'), 'performDeleteUsers');
219  $confirm->setCancel($this->lng->txt('cancel'), 'index');
220  foreach ($_POST['id'] as $user) {
221  $name = ilObjUser::_lookupName((int) $user);
222  $confirm->addItem(
223  'user_ids[]',
224  $user,
225  $name['lastname'] . ', ' . $name['firstname'] . ' [' . $name['login'] . ']'
226  );
227  }
228  $this->tpl->setContent($confirm->getHTML());
229  }
230 
231 
237  public function assignRoles(): void
238  {
239  if (!$this->access->checkAccess("cat_administrate_users", "", $this->getRefId())) {
240  $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
241  $this->ctrl->redirect($this, "");
242  }
243 
244  if (!$this->getObjId()) {
245  $this->tpl->setOnScreenMessage('failure', 'no_user_selected');
246  $this->index();
247  return;
248  }
249  $roles = $this->getAssignableRoles();
250  $this->tpl->addBlockfile(
251  'ADM_CONTENT',
252  'adm_content',
253  'tpl.cat_role_assignment.html',
254  "components/ILIAS/Category"
255  );
256  $ass_roles = $this->rbacReview->assignedRoles($this->getObjId());
257  $counter = 0;
258  $f_result = [];
259  foreach ($roles as $role) {
260  $role_obj = ilObjectFactory::getInstanceByObjId($role['obj_id']);
261  $disabled = false;
262  $f_result[$counter][] = ilLegacyFormElementsUtil::formCheckbox(
263  in_array($role['obj_id'], $ass_roles) ? true : false,
264  'role_ids[]',
265  (string) $role['obj_id'],
266  $disabled
267  );
268  $f_result[$counter][] = $role_obj->getTitle();
269  $f_result[$counter][] = $role_obj->getDescription() ? $role_obj->getDescription() : '';
270  $f_result[$counter][] = (isset($role['role_type']) && $role['role_type'] == 'global')
271  ?
272  $this->lng->txt('global')
273  :
274  $this->lng->txt('local');
275  unset($role_obj);
276  ++$counter;
277  }
278  $this->showRolesTable($f_result, "assignRolesObject");
279  }
280 
281  public function assignSave(): bool
282  {
283  if (!$this->access->checkAccess("cat_administrate_users", "", $this->getRefId())) {
284  $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
285  $this->ctrl->redirect($this, "");
286  }
287  // check hack
288  if (!$this->getObjId() or !in_array($this->getObjId(), ilLocalUser::_getAllUserIds())) {
289  $this->tpl->setOnScreenMessage('failure', 'no_user_selected');
290  $this->index();
291 
292  return true;
293  }
294  $roles = $this->getAssignableRoles();
295  // check minimum one global role
296  if (!$this->checkGlobalRoles($_POST['role_ids'])) {
297  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('no_global_role_left'));
298  $this->assignRoles();
299 
300  return false;
301  }
302  $new_role_ids = $_POST['role_ids'] ? $_POST['role_ids'] : array();
303  $assigned_roles = $this->rbacReview->assignedRoles($this->getObjId());
304  foreach ($roles as $role) {
305  if (in_array($role['obj_id'], $new_role_ids) and !in_array($role['obj_id'], $assigned_roles)) {
306  $this->rbacAdmin->assignUser($role['obj_id'], $this->getObjId());
307  }
308  if (in_array($role['obj_id'], $assigned_roles) and !in_array($role['obj_id'], $new_role_ids)) {
309  $this->rbacAdmin->deassignUser($role['obj_id'], $this->getObjId());
310  }
311  }
312  $this->tpl->setOnScreenMessage('success', $this->lng->txt('role_assignment_updated'));
313  $this->assignRoles();
314 
315  return true;
316  }
317 
318  public function checkGlobalRoles($new_assigned): bool
319  {
320  if (!$this->access->checkAccess("cat_administrate_users", "", $this->getRefId())) {
321  $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
322  $this->ctrl->redirect($this, "");
323  }
324  // return true if it's not a local user
325  $tmp_obj = ilObjectFactory::getInstanceByObjId($this->getObjId());
326  if ($tmp_obj->getTimeLimitOwner() != $this->object->getRefId() and
327  !in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId()))
328  ) {
329  return true;
330  }
331  // new assignment by form
332  $new_assigned = $new_assigned ? $new_assigned : array();
333  $assigned = $this->rbacReview->assignedRoles((int) $this->getObjId());
334  // all assignable globals
335  if (!in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId()))) {
336  $ga = $this->rbacReview->getGlobalAssignableRoles();
337  } else {
338  $ga = $this->rbacReview->getGlobalRolesArray();
339  }
340  $global_assignable = array();
341  foreach ($ga as $role) {
342  $global_assignable[] = $role['obj_id'];
343  }
344  $new_visible_assigned_roles = array_intersect($new_assigned, $global_assignable);
345  $all_assigned_roles = array_intersect($assigned, $this->rbacReview->getGlobalRoles());
346  $main_assigned_roles = array_diff($all_assigned_roles, $global_assignable);
347  if (!count($new_visible_assigned_roles) and !count($main_assigned_roles)) {
348  return false;
349  }
350 
351  return true;
352  }
353 
354 
359  public function getAssignableRoles(): array
360  {
361  // check local user
362  $tmp_obj = ilObjectFactory::getInstanceByObjId($this->getObjId());
363  // Admin => all roles
364  if (in_array(SYSTEM_ROLE_ID, $this->rbacReview->assignedRoles($this->user->getId())) === true) {
365  $global_roles = $this->rbacReview->getGlobalRolesArray();
366  } elseif ($tmp_obj->getTimeLimitOwner() == $this->object->getRefId()) {
367  $global_roles = $this->rbacReview->getGlobalAssignableRoles();
368  } else {
369  $global_roles = array();
370  }
371 
372  return array_merge($global_roles, $this->rbacReview->getAssignableChildRoles($this->object->getRefId()));
373  }
374 
375 
382  public function showRolesTable($a_result_set, $a_from = ""): bool
383  {
384  if ($this->access->checkAccess("cat_administrate_users", "", $this->getRefId()) === false) {
385  $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
386  $this->ctrl->redirect($this, "");
387  }
388  $tbl = $this->initTableGUI();
389  $tpl = $tbl->getTemplateObject();
390  // SET FORMAACTION
391  $tpl->setCurrentBlock("tbl_form_header");
392  $this->ctrl->setParameter($this, 'obj_id', $this->getObjId());
393  $tpl->setVariable("FORMACTION", $this->ctrl->getFormAction($this));
394  $tpl->parseCurrentBlock();
395  // SET FOOTER BUTTONS
396  $tpl->setVariable("IMG_ARROW", ilUtil::getImagePath("nav/arrow_downright.svg"));
397  $tpl->setVariable("BTN_NAME", "assignSave");
398  $tpl->setVariable("BTN_VALUE", $this->lng->txt("change_assignment"));
399  $tpl->setCurrentBlock("tbl_action_row");
400  $tpl->parseCurrentBlock();
401  $tmp_obj = ilObjectFactory::getInstanceByObjId($this->getObjId());
402  $title = $this->lng->txt('role_assignment') . ' (' . $tmp_obj->getFullname() . ')';
403  $tbl->setTitle($title, "standard/icon_role.svg", $this->lng->txt("role_assignment"));
404  $tbl->setHeaderNames(array(
405  '',
406  $this->lng->txt("title"),
407  $this->lng->txt('description'),
408  $this->lng->txt("type"),
409  ));
410  $tbl->setHeaderVars(array(
411  "",
412  "title",
413  "description",
414  "type",
415  ), (get_class($this->parentGui) == 'ilObjOrgUnitGUI')
416  ? array(
417  "ref_id" => $this->object->getRefId(),
418  "cmd" => "assignRoles",
419  "obj_id" => $this->getObjId(),
420  "cmdNode" => $_GET["cmdNode"],
421  "baseClass" => 'ilAdministrationGUI',
422  "admin_mode" => "settings",
423  )
424  : array(
425  "ref_id" => $this->object->getRefId(),
426  "cmd" => "assignRoles",
427  "obj_id" => $this->getObjId(),
428  "cmdClass" => "ilobjcategorygui",
429  "baseClass" => 'ilRepositoryGUI',
430  "cmdNode" => $_GET["cmdNode"],
431  ));
432  $tbl->setColumnWidth(array("4%", "35%", "45%", "16%"));
433  $this->set_unlimited = true;
434  $this->setTableGUIBasicData($tbl, $a_result_set, $a_from);
435  $tbl->render();
436  $this->tpl->setVariable('OBJECTS', $tbl->getTemplateObject()->get());
437 
438  return true;
439  }
440 
441  protected function initTableGUI(): ilTableGUI
442  {
443  return new ilTableGUI([], false);
444  }
445 
446  protected function setTableGUIBasicData($tbl, &$result_set, string $a_from = ""): void
447  {
448  $r = $this->refinery;
449  $order = $this->query_wrapper->retrieve("sort_by", $r->byTrying([
450  $r->kindlyTo()->string(),
451  $r->always('title')
452  ]));
453  $direction = $this->query_wrapper->retrieve("sort_order", $r->byTrying([
454  $r->kindlyTo()->string(),
455  $r->always('asc')
456  ]));
457  $offset = $this->query_wrapper->retrieve("offset", $r->byTrying([
458  $r->kindlyTo()->int(),
459  $r->always(0)
460  ]));
461  $limit = $this->query_wrapper->retrieve("limit", $r->byTrying([
462  $r->kindlyTo()->int(),
463  $r->always(0)
464  ]));
465 
466  if ($a_from == 'clipboardObject') {
467  $tbl->disable("footer");
468  }
469  $tbl->disable("linkbar");
470 
471  $tbl->setOrderColumn((string) $order);
472  $tbl->setOrderDirection((string) $direction);
473  $tbl->setOffset((int) $offset);
474  $tbl->setLimit((int) $limit);
475  $tbl->setFooter("tblfooter", $this->lng->txt("previous"), $this->lng->txt("next"));
476  $tbl->setData($result_set);
477  }
478 
479  protected function checkPermission(string $permission): void
480  {
481  if (!$this->access->checkAccess($permission, "", $this->getRefId())) {
482  $this->tpl->setOnScreenMessage('failure', $this->lng->txt("permission_denied"), true);
483  $this->ctrl->redirect($this, "");
484  }
485  }
486 }
ilLocalUser\_getAllUserIds
static _getAllUserIds(int $a_filter=0)
Definition: class.ilLocalUser.php:92
ilTabsGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilTabsGUI.php:25
ilLocalUserGUI\index
index(bool $show_delete=false)
Definition: class.ilLocalUserGUI.php:133
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:29
ilLocalUserGUI
Class ilLocalUserGUI.
Definition: class.ilLocalUserGUI.php:26
ilObjUser\_lookupName
static _lookupName(int $a_user_id)
lookup user name
Definition: class.ilObjUser.php:634
$_POST
$_POST['cmd']
Definition: lti.php:27
ilTableGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilTableGUI.php:25
ilGlobalTemplateInterface\setVariable
setVariable(string $variable, $value='')
Sets the given variable to the given value.
ilLocalUserGUI\$ui_factory
ILIAS UI Factory $ui_factory
Definition: class.ilLocalUserGUI.php:43
ilUserAutoComplete
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilUserAutoComplete.php:22
ilUserTableGUI
TableGUI class for user administration.
Definition: class.ilUserTableGUI.php:28
ilLocalUserGUI\$logger
ILIAS DI LoggingServices $logger
Definition: class.ilLocalUserGUI.php:42
ilLocalUserGUI\$refinery
ILIAS Refinery Factory $refinery
Definition: class.ilLocalUserGUI.php:45
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:46
$DIC
global $DIC
Definition: shib_login.php:25
ilUtil\getImagePath
static getImagePath(string $image_name, string $module_path="", string $mode="output", bool $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:67
ilLocalUserGUI\$tpl
ilGlobalTemplateInterface $tpl
Definition: class.ilLocalUserGUI.php:33
ilLocalUserGUI\$query_wrapper
ILIAS HTTP Wrapper RequestWrapper $query_wrapper
Definition: class.ilLocalUserGUI.php:44
$_GET
$_GET['cmd']
Definition: lti.php:26
ilLegacyFormElementsUtil\formCheckbox
static formCheckbox(bool $checked, string $varname, string $value, bool $disabled=false)
Definition: class.ilLegacyFormElementsUtil.php:261
ilLocalUserGUI\$rbacReview
ilRbacReview $rbacReview
Definition: class.ilLocalUserGUI.php:39
ilGlobalTemplateInterface\setCurrentBlock
setCurrentBlock(string $part=self::DEFAULT_BLOCK)
Sets the template to the given block.
ilLocalUserGUI\$access
ilAccessHandler $access
Definition: class.ilLocalUserGUI.php:37
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId(?int $obj_id, bool $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:84
ilLocalUserGUI\$form
ilPropertyFormGUI $form
Definition: class.ilLocalUserGUI.php:30
ilLocalUserGUI\$rbacSystem
ilRbacSystem $rbacSystem
Definition: class.ilLocalUserGUI.php:38
ilLocalUserGUI\checkGlobalRoles
checkGlobalRoles($new_assigned)
Definition: class.ilLocalUserGUI.php:318
ilRbacAdmin
Class ilRbacAdmin Core functions for role based access control.
Definition: class.ilRbacAdmin.php:30
ilGlobalTemplateInterface\parseCurrentBlock
parseCurrentBlock(string $block_name=self::DEFAULT_BLOCK)
Parses the given block.
ilLocalUserGUI\showRolesTable
showRolesTable($a_result_set, $a_from="")
Definition: class.ilLocalUserGUI.php:382
ilLocalUserGUI\getIntFromQuery
getIntFromQuery(string $var)
Definition: class.ilLocalUserGUI.php:84
ilLocalUserGUI\__construct
__construct(ilObjectGUI $parentGui)
Definition: class.ilLocalUserGUI.php:48
exit
exit
Definition: zoneinfo_generator.php:3
ilLocalUserGUI\checkPermission
checkPermission(string $permission)
Definition: class.ilLocalUserGUI.php:479
ilLocalUserGUI\setTableGUIBasicData
setTableGUIBasicData($tbl, &$result_set, string $a_from="")
Definition: class.ilLocalUserGUI.php:446
$r
$r
Definition: shib_logout.php:137