ILIAS  release_5-0 Revision 5.0.0-1144-gc4397b1f870
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes | Static Protected Attributes | Static Private Attributes
ilRbacReview Class Reference
Services/AccessControl

class ilRbacReview Contains Review functions of core Rbac. More...

+ Collaboration diagram for ilRbacReview:

Public Member Functions

 __construct ()
 Constructor public. More...
 
 searchRolesByMailboxAddressList ($a_address_list)
 Finds all role ids that match the specified user friendly role mailbox address list. More...
 
 getRoleMailboxAddress ($a_role_id, $is_localize=true)
 Returns the mailbox address of a role. More...
 
 roleExists ($a_title, $a_id=0)
 Checks if a role already exists. More...
 
 getParentRoleIds ($a_endnode_id, $a_templates=false)
 get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates public More...
 
 getRoleListByObject ($a_ref_id, $a_templates=false)
 Returns a list of roles in an container public. More...
 
 getAssignableRoles ($a_templates=false, $a_internal_roles=false, $title_filter='')
 Returns a list of all assignable roles public. More...
 
 getAssignableRolesInSubtree ($ref_id)
 Returns a list of assignable roles in a subtree of the repository public. More...
 
 getAssignableChildRoles ($a_ref_id)
 Get all assignable roles directly under a specific node public. More...
 
 getNumberOfAssignedUsers (Array $a_roles)
 Get the number of assigned users to roles ilDB $ilDB. More...
 
 assignedUsers ($a_rol_id, $a_fields=NULL)
 get all assigned users to a given role public More...
 
 isAssigned ($a_usr_id, $a_role_id)
 check if a specific user is assigned to specific role public More...
 
 isAssignedToAtLeastOneGivenRole ($a_usr_id, $a_role_ids)
 check if a specific user is assigned to at least one of the given role ids. More...
 
 assignedRoles ($a_usr_id)
 get all assigned roles to a given user public More...
 
 assignedGlobalRoles ($a_usr_id)
 Get assigned global roles for an user. More...
 
 isAssignable ($a_rol_id, $a_ref_id)
 Check if its possible to assign users public. More...
 
 hasMultipleAssignments ($a_role_id)
 Temporary bugfix. More...
 
 getFoldersAssignedToRole ($a_rol_id, $a_assignable=false)
 Returns an array of objects assigned to a role. More...
 
 getRolesOfObject ($a_ref_id, $a_assignable_only=FALSE)
 Get roles of object. More...
 
 getRolesOfRoleFolder ($a_ref_id, $a_nonassignable=true)
 get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids public More...
 
 getGlobalRoles ()
 get only 'global' roles public More...
 
 getLocalRoles ($a_ref_id)
 Get local roles of object. More...
 
 getLocalPolicies ($a_ref_id)
 Get all roles with local policies. More...
 
 getGlobalRolesArray ()
 get only 'global' roles public More...
 
 getGlobalAssignableRoles ()
 get only 'global' roles (with flag 'assign_users') public More...
 
 isRoleAssignedToObject ($a_role_id, $a_parent_id)
 Check if role is assigned to an object. More...
 
 getOperations ()
 get all possible operations public More...
 
 getOperation ($ops_id)
 get one operation by operation id public More...
 
 getAllOperationsOfRole ($a_rol_id, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public More...
 
 getActiveOperationsOfRole ($a_ref_id, $a_role_id)
 Get active operations for a role. More...
 
 getOperationsOfRole ($a_rol_id, $a_type, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public More...
 
 getRoleOperationsOnObject ($a_role_id, $a_ref_id)
 ilDB $ilDB More...
 
 getOperationsOnType ($a_typ_id)
 all possible operations of a type public More...
 
 getOperationsOnTypeString ($a_type)
 all possible operations of a type public More...
 
 getOperationsByTypeAndClass ($a_type, $a_class)
 Get operations by type and class. More...
 
 getObjectsWithStopedInheritance ($a_rol_id, $a_filter=array())
 get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder. More...
 
 isDeleted ($a_node_id)
 Checks if a rolefolder is set as deleted (negative tree_id) public. More...
 
 isGlobalRole ($a_role_id)
 Check if role is a global role. More...
 
 getRolesByFilter ($a_filter=0, $a_user_id=0, $title_filter='')
 ilDB $ilDB More...
 
 getTypeId ($a_type)
 Get type id of object ilDB $ilDB. More...
 
 isProtected ($a_ref_id, $a_role_id)
 
 getObjectOfRole ($a_role_id)
 Get object id of objects a role is assigned to. More...
 
 getObjectReferenceOfRole ($a_role_id)
 Get reference of role. More...
 
 isRoleDeleted ($a_role_id)
 return if role is only attached to deleted role folders More...
 
 getRolesForIDs ($role_ids, $use_templates)
 ilDB $ilDB More...
 
 getOperationAssignment ()
 get operation assignments More...
 
 isDeleteable ($a_role_id, $a_rolf_id)
 Check if role is deleteable at a specific position. More...
 
 isSystemGeneratedRole ($a_role_id)
 Check if the role is system generate role or role template. More...
 
 getRoleFolderOfRole ($a_role_id)
 Get role folder of role ilDB $ilDB. More...
 
 getUserPermissionsOnObject ($a_user_id, $a_ref_id)
 Get all user permissions on an object. More...
 
 setAssignedCacheEntry ($a_role_id, $a_user_id, $a_value)
 set entry of assigned_chache More...
 
 getAssignedCacheEntry ($a_role_id, $a_user_id)
 get entry of assigned_chache More...
 
 clearCaches ()
 Clear assigned users caches. More...
 

Static Public Member Functions

static _getOperationIdsByName ($operations)
 get ops_id's by name. More...
 
static _getOperationIdByName ($a_operation)
 get operation id by name of operation public static More...
 
static lookupCreateOperationIds ($a_type_arr)
 Lookup operation ids. More...
 
static _getOperationList ($a_type=null)
 get operation list by object type public static More...
 
static _groupOperationsByClass ($a_ops_arr)
 

Data Fields

const FILTER_ALL = 1
 
const FILTER_ALL_GLOBAL = 2
 
const FILTER_ALL_LOCAL = 3
 
const FILTER_INTERNAL = 4
 
const FILTER_NOT_INTERNAL = 5
 
const FILTER_TEMPLATES = 6
 
 $log = null
 

Protected Member Functions

 __getParentRoles ($a_path, $a_templates)
 Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan. More...
 
 __setTemplateFilter ($a_templates)
 get roles and templates or only roles; returns string for where clause private More...
 
 __setRoleType ($a_role_list)
 computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates More...
 
 __setProtectedStatus ($a_parent_roles, $a_role_hierarchy, $a_ref_id)
 Set protected status type $rbacsystem type $ilUser type $log. More...
 

Protected Attributes

 $assigned_roles = array()
 

Static Protected Attributes

static $assigned_users_cache = array()
 
static $is_assigned_cache = array()
 

Static Private Attributes

static $_opsCache = null
 

Detailed Description

class ilRbacReview Contains Review functions of core Rbac.

This class offers the possibility to view the contents of the user <-> role (UR) relation and the permission <-> role (PR) relation. For example, from the UA relation the administrator should have the facility to view all user assigned to a given role.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Sascha Hofmann sasch.nosp@m.ahof.nosp@m.mann@.nosp@m.gmx..nosp@m.de
Version
$Id$

Definition at line 19 of file class.ilRbacReview.php.

Constructor & Destructor Documentation

◆ __construct()

ilRbacReview::__construct ( )

Constructor public.

Definition at line 48 of file class.ilRbacReview.php.

References $ilDB, $ilErr, $ilLog, if, and PEAR_ERROR_CALLBACK.

49  {
50  global $ilDB,$ilErr,$ilias,$ilLog;
51 
52  $this->log =& $ilLog;
53 
54  // set db & error handler
55  (isset($ilDB)) ? $this->ilDB =& $ilDB : $this->ilDB =& $ilias->db;
56 
57  if (!isset($ilErr))
58  {
59  $ilErr = new ilErrorHandling();
60  $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK,array($ilErr,'errorHandler'));
61  }
62  else
63  {
64  $this->ilErr =& $ilErr;
65  }
66  }
PEAR_ERROR_CALLBACK
const PEAR_ERROR_CALLBACK
Definition: PEAR.php:35
$ilLog
$ilLog
Definition: inc.setup_header.php:132
if
if(!file_exists(getcwd().'/ilias.ini.php')) if(isset( $_GET["client_id"]))
registration confirmation script for ilias
Definition: confirmReg.php:20
ilErrorHandling
Error Handling & global info handling uses PEAR error class.
Definition: class.ilErrorHandling.php:18
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$ilErr
$ilErr
Definition: inc.setup_header.php:81

Member Function Documentation

◆ __getParentRoles()

ilRbacReview::__getParentRoles (   $a_path,
  $a_templates 
)
protected

Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan.

Get parent roles in a path. If last parameter is set 'true' it delivers also all templates in the path protected

Parameters
arrayarray with path_ids
booleantrue for role templates (default: false)
Returns
array array with all parent roles (obj_ids)
Todo:
refactor rolf => DONE

Definition at line 597 of file class.ilRbacReview.php.

References $ref_id, __setProtectedStatus(), and getRoleListByObject().

Referenced by getParentRoleIds().

598  {
599  if (!isset($a_path) or !is_array($a_path))
600  {
601  $message = get_class($this)."::getParentRoles(): No path given or wrong datatype!";
602  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
603  }
604 
605  $parent_roles = array();
606  $role_hierarchy = array();
607 
608  foreach($a_path as $ref_id)
609  {
610  $roles = $this->getRoleListByObject($ref_id,$a_templates);
611  foreach($roles as $role)
612  {
613  $id = $role["obj_id"];
614  $role["parent"] = $ref_id;
615  $parent_roles[$id] = $role;
616 
617  if (!array_key_exists($role['obj_id'],$role_hierarchy))
618  {
619  $role_hierarchy[$id] = $ref_id;
620  }
621  }
622  }
623  return $this->__setProtectedStatus($parent_roles,$role_hierarchy,reset($a_path));
624  }
ilRbacReview\getRoleListByObject
getRoleListByObject($a_ref_id, $a_templates=false)
Returns a list of roles in an container public.
Definition: class.ilRbacReview.php:666
ilRbacReview\__setProtectedStatus
__setProtectedStatus($a_parent_roles, $a_role_hierarchy, $a_ref_id)
Set protected status type $rbacsystem type $ilUser type $log.
Definition: class.ilRbacReview.php:1934
$ref_id
$ref_id
Definition: sahs_server.php:39
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setProtectedStatus()

ilRbacReview::__setProtectedStatus (   $a_parent_roles,
  $a_role_hierarchy,
  $a_ref_id 
)
protected

Set protected status type $rbacsystem type $ilUser type $log.

Parameters
type$a_parent_roles
type$a_role_hierarchy
type$a_ref_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1934 of file class.ilRbacReview.php.

References $ilUser, $log, and assignedRoles().

Referenced by __getParentRoles().

1935  {
1936  //vd('refId',$a_ref_id,'parent roles',$a_parent_roles,'role-hierarchy',$a_role_hierarchy);
1937 
1938  global $rbacsystem,$ilUser,$log;
1939 
1940  if (in_array(SYSTEM_ROLE_ID,$this->assignedRoles($ilUser->getId())))
1941  {
1942  $leveladmin = true;
1943  }
1944  else
1945  {
1946  $leveladmin = false;
1947  }
1948  #vd("RoleHierarchy",$a_role_hierarchy);
1949  foreach ($a_role_hierarchy as $role_id => $rolf_id)
1950  {
1951  //$log->write("ilRBACreview::__setProtectedStatus(), 0");
1952  #echo "<br/>ROLF: ".$rolf_id." ROLE_ID: ".$role_id." (".$a_parent_roles[$role_id]['title'].") ";
1953  //var_dump($leveladmin,$a_parent_roles[$role_id]['protected']);
1954 
1955  if ($leveladmin == true)
1956  {
1957  $a_parent_roles[$role_id]['protected'] = false;
1958  continue;
1959  }
1960 
1961  if ($a_parent_roles[$role_id]['protected'] == true)
1962  {
1963  $arr_lvl_roles_user = array_intersect($this->assignedRoles($ilUser->getId()),array_keys($a_role_hierarchy,$rolf_id));
1964 
1965  #vd("intersection",$arr_lvl_roles_user);
1966 
1967  foreach ($arr_lvl_roles_user as $lvl_role_id)
1968  {
1969  #echo "<br/>level_role: ".$lvl_role_id;
1970  #echo "<br/>a_ref_id: ".$a_ref_id;
1971 
1972  //$log->write("ilRBACreview::__setProtectedStatus(), 1");
1973  // check if role grants 'edit_permission' to parent
1974  $rolf = $a_parent_roles[$role_id]['parent'];
1975  #$parent_obj = $GLOBALS['tree']->getParentId($rolf);
1976  if ($rbacsystem->checkPermission($rolf,$lvl_role_id,'edit_permission'))
1977  {
1978  #echo "<br />Permission granted";
1979  //$log->write("ilRBACreview::__setProtectedStatus(), 2");
1980  // user may change permissions of that higher-ranked role
1981  $a_parent_roles[$role_id]['protected'] = false;
1982 
1983  // remember successful check
1984  //$leveladmin = true;
1985  }
1986  }
1987  }
1988  }
1989  return $a_parent_roles;
1990  }
$ilUser
global $ilUser
Definition: imgupload.php:15
ilRbacReview\assignedRoles
assignedRoles($a_usr_id)
get all assigned roles to a given user public
Definition: class.ilRbacReview.php:1030
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setRoleType()

ilRbacReview::__setRoleType (   $a_role_list)
protected

computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates

private

Parameters
arrayrole list
Returns
array role list with additional entry for role_type
Todo:
refactor rolf => DONE

Definition at line 835 of file class.ilRbacReview.php.

Referenced by getAssignableRoles(), getRoleListByObject(), getRolesByFilter(), and getRolesForIDs().

836  {
837  foreach ($a_role_list as $key => $val)
838  {
839  // determine role type
840  if ($val["type"] == "rolt")
841  {
842  $a_role_list[$key]["role_type"] = "template";
843  }
844  else
845  {
846  if ($val["assign"] == "y")
847  {
848  if ($val["parent"] == ROLE_FOLDER_ID)
849  {
850  $a_role_list[$key]["role_type"] = "global";
851  }
852  else
853  {
854  $a_role_list[$key]["role_type"] = "local";
855  }
856  }
857  else
858  {
859  $a_role_list[$key]["role_type"] = "linked";
860  }
861  }
862 
863  if ($val["protected"] == "y")
864  {
865  $a_role_list[$key]["protected"] = true;
866  }
867  else
868  {
869  $a_role_list[$key]["protected"] = false;
870  }
871  }
872 
873  return $a_role_list;
874  }
+ Here is the caller graph for this function:

◆ __setTemplateFilter()

ilRbacReview::__setTemplateFilter (   $a_templates)
protected

get roles and templates or only roles; returns string for where clause private

Parameters
booleantrue: with templates
Returns
string where clause
Todo:
refactor rolf => DONE

Definition at line 807 of file class.ilRbacReview.php.

References $ilDB.

Referenced by getAssignableRoles(), getRoleListByObject(), and getRolesForIDs().

808  {
809  global $ilDB;
810 
811  if ($a_templates === true)
812  {
813  $where = "WHERE ".$ilDB->in('object_data.type',array('role','rolt'),false,'text')." ";
814  }
815  else
816  {
817  $where = "WHERE ".$ilDB->in('object_data.type',array('role'),false,'text')." ";
818  }
819 
820  return $where;
821  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _getOperationIdByName()

static ilRbacReview::_getOperationIdByName (   $a_operation)
static

get operation id by name of operation public static

Parameters
stringoperation name
Returns
integer operation id
Todo:
refactor rolf => DONE

Definition at line 1831 of file class.ilRbacReview.php.

References $ilDB, $ilErr, $r, $row, and DB_FETCHMODE_OBJECT.

Referenced by ilRbacSystem\checkAccessOfUser(), and ilObjBlog\getRolesWithContribute().

1832  {
1833  global $ilDB,$ilErr;
1834 
1835  if (!isset($a_operation))
1836  {
1837  $message = "perm::getOperationId(): No operation given!";
1838  $ilErr->raiseError($message,$ilErr->WARNING);
1839  }
1840 
1841  // Cache operation ids
1842  if (! is_array(self::$_opsCache)) {
1843  self::$_opsCache = array();
1844 
1845  $q = "SELECT ops_id, operation FROM rbac_operations";
1846  $r = $ilDB->query($q);
1847  while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
1848  {
1849  self::$_opsCache[$row->operation] = $row->ops_id;
1850  }
1851  }
1852 
1853  // Get operation ID by name from cache
1854  if (array_key_exists($a_operation, self::$_opsCache)) {
1855  return self::$_opsCache[$a_operation];
1856  }
1857  return null;
1858  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$ilErr
$ilErr
Definition: inc.setup_header.php:81
$r
$r
Definition: shib_logout.php:151
+ Here is the caller graph for this function:

◆ _getOperationIdsByName()

static ilRbacReview::_getOperationIdsByName (   $operations)
static

get ops_id's by name.

Example usage: $rbacadmin->grantPermission($roles,ilRbacReview::_getOperationIdsByName(array('visible','read'),$ref_id));

public

Parameters
arraystring name of operation. see rbac_operations
Returns
array integer ops_id's
Todo:
refactor rolf => DONE

Definition at line 1803 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by ilUtil\_getObjectsByOperations(), ilLicense\getPotentialAccesses(), and ilECSObjectSettings\handlePermissionUpdate().

1804  {
1805  global $ilDB;
1806 
1807  if(!count($operations))
1808  {
1809  return array();
1810  }
1811 
1812  $query = 'SELECT ops_id FROM rbac_operations '.
1813  'WHERE '.$ilDB->in('operation',$operations,false,'text');
1814 
1815  $res = $ilDB->query($query);
1816  while($row = $ilDB->fetchObject($res))
1817  {
1818  $ops_ids[] = $row->ops_id;
1819  }
1820  return $ops_ids ? $ops_ids : array();
1821  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _getOperationList()

static ilRbacReview::_getOperationList (   $a_type = null)
static

get operation list by object type public static

Parameters
stringobject type you want to have the operation list
stringorder column
stringorder direction (possible values: ASC or DESC)
Returns
array returns array of operations
Todo:
refactor rolf => DONE

Definition at line 2002 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by ilObjTypeDefinitionGUI\editObject(), ilObjectPermissionStatusGUI\getAccessPermissionTableData(), ilObjectPermissionStatusGUI\getAssignedValidRoles(), ilObjRoleTemplateGUI\permObject(), and ilObjTypeDefinitionGUI\viewObject().

2003  {
2004  global $ilDB;
2005 
2006  $arr = array();
2007 
2008  if ($a_type)
2009  {
2010  $query = sprintf('SELECT * FROM rbac_operations '.
2011  'JOIN rbac_ta ON rbac_operations.ops_id = rbac_ta.ops_id '.
2012  'JOIN object_data ON rbac_ta.typ_id = object_data.obj_id '.
2013  'WHERE object_data.title = %s '.
2014  'AND object_data.type = %s '.
2015  'ORDER BY op_order ASC',
2016  $ilDB->quote($a_type,'text'),
2017  $ilDB->quote('typ','text'));
2018  }
2019  else
2020  {
2021  $query = 'SELECT * FROM rbac_operations ORDER BY op_order ASC';
2022  }
2023  $res = $ilDB->query($query);
2024  while ($row = $ilDB->fetchAssoc($res))
2025  {
2026  $arr[] = array(
2027  "ops_id" => $row['ops_id'],
2028  "operation" => $row['operation'],
2029  "desc" => $row['description'],
2030  "class" => $row['class'],
2031  "order" => $row['op_order']
2032  );
2033  }
2034  return $arr;
2035  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _groupOperationsByClass()

static ilRbacReview::_groupOperationsByClass (   $a_ops_arr)
static
Parameters
type$a_ops_arr
Returns
type
Todo:
refactor rolf => DONE

Definition at line 2043 of file class.ilRbacReview.php.

2044  {
2045  $arr = array();
2046 
2047  foreach ($a_ops_arr as $ops)
2048  {
2049  $arr[$ops['class']][] = array ('ops_id' => $ops['ops_id'],
2050  'name' => $ops['operation']
2051  );
2052  }
2053  return $arr;
2054  }

◆ assignedGlobalRoles()

ilRbacReview::assignedGlobalRoles (   $a_usr_id)

Get assigned global roles for an user.

Parameters
int$a_usr_idId of user account
Todo:
refactor rolf => DONE

Definition at line 1051 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

1052  {
1053  global $ilDB;
1054 
1055  $query = "SELECT ua.rol_id FROM rbac_ua ua ".
1056  "JOIN rbac_fa fa ON ua.rol_id = fa.rol_id ".
1057  "WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer').' '.
1058  "AND parent = ".$ilDB->quote(ROLE_FOLDER_ID)." ".
1059  "AND assign = 'y' ";
1060 
1061  $res = $ilDB->query($query);
1062  while($row = $ilDB->fetchObject($res))
1063  {
1064  $role_arr[] = $row->rol_id;
1065  }
1066  return $role_arr ? $role_arr : array();
1067  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ assignedRoles()

ilRbacReview::assignedRoles (   $a_usr_id)

get all assigned roles to a given user public

Parameters
integerusr_id
Returns
array all roles (id) the user have
Todo:
refactor rolf => DONE

Definition at line 1030 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by __setProtectedStatus(), and getRolesByFilter().

1031  {
1032  global $ilDB;
1033 
1034  $role_arr = array();
1035 
1036  $query = "SELECT rol_id FROM rbac_ua WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer');
1037 
1038  $res = $ilDB->query($query);
1039  while($row = $ilDB->fetchObject($res))
1040  {
1041  $role_arr[] = $row->rol_id;
1042  }
1043  return $role_arr ? $role_arr : array();
1044  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ assignedUsers()

ilRbacReview::assignedUsers (   $a_rol_id,
  $a_fields = NULL 
)

get all assigned users to a given role public

Parameters
integerrole_id
arraycolumns to get form usr_data table (optional)
Returns
array all users (id) assigned to role OR arrays of user datas
Todo:
refactor rolf => (check result buffering)

Definition at line 904 of file class.ilRbacReview.php.

References $ilBench, $ilDB, $query, $res, and $row.

905  {
906  global $ilBench,$ilDB;
907 
908  $ilBench->start("RBAC", "review_assignedUsers");
909 
910  if (!isset($a_rol_id))
911  {
912  $message = get_class($this)."::assignedUsers(): No role_id given!";
913  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
914  }
915  if (! $a_fields AND isset(self::$assigned_users_cache[$a_rol_id])) {
916  return self::$assigned_users_cache[$a_rol_id];
917  }
918 
919  $result_arr = array();
920 
921  if ($a_fields !== NULL and is_array($a_fields))
922  {
923  if (count($a_fields) == 0)
924  {
925  $select = "*";
926  }
927  else
928  {
929  if (($usr_id_field = array_search("usr_id",$a_fields)) !== false)
930  unset($a_fields[$usr_id_field]);
931 
932  $select = implode(",",$a_fields).",usr_data.usr_id";
933  $select = addslashes($select);
934  }
935 
936  $ilDB->enableResultBuffering(false);
937  $query = "SELECT ".$select." FROM usr_data ".
938  "LEFT JOIN rbac_ua ON usr_data.usr_id = rbac_ua.usr_id ".
939  "WHERE rbac_ua.rol_id =".$ilDB->quote($a_rol_id,'integer');
940  $res = $ilDB->query($query);
941  while($row = $ilDB->fetchAssoc($res))
942  {
943  $result_arr[] = $row;
944  }
945  $ilDB->enableResultBuffering(true);
946  }
947  else
948  {
949  $ilDB->enableResultBuffering(false);
950  $query = "SELECT usr_id FROM rbac_ua WHERE rol_id= ".$ilDB->quote($a_rol_id,'integer');
951 
952  $res = $ilDB->query($query);
953  while($row = $ilDB->fetchAssoc($res))
954  {
955  array_push($result_arr,$row["usr_id"]);
956  }
957  $ilDB->enableResultBuffering(true);
958  }
959 
960  $ilBench->stop("RBAC", "review_assignedUsers");
961 
962  if (! $a_fields) {
963  self::$assigned_users_cache[$a_rol_id] = $result_arr;
964  }
965 
966  return $result_arr;
967  }
$ilBench
global $ilBench
Definition: ilias.php:18
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ clearCaches()

ilRbacReview::clearCaches ( )

Clear assigned users caches.

Definition at line 2337 of file class.ilRbacReview.php.

2338  {
2339  self::$is_assigned_cache = array();
2340  self::$assigned_users_cache = array();
2341  }

◆ getActiveOperationsOfRole()

ilRbacReview::getActiveOperationsOfRole (   $a_ref_id,
  $a_role_id 
)

Get active operations for a role.

Parameters
object$a_ref_id
object$a_role_id
Returns
Todo:
refactor rolf => DONE

Definition at line 1419 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_ASSOC.

1420  {
1421  global $ilDB;
1422 
1423  $query = 'SELECT * FROM rbac_pa '.
1424  'WHERE ref_id = '.$ilDB->quote($a_ref_id,'integer').' '.
1425  'AND rol_id = '.$ilDB->quote($a_role_id,'integer').' ';
1426 
1427  $res = $ilDB->query($query);
1428  while($row = $res->fetchRow(DB_FETCHMODE_ASSOC))
1429  {
1430  return unserialize($row['ops_id']);
1431  }
1432  return array();
1433  }
DB_FETCHMODE_ASSOC
const DB_FETCHMODE_ASSOC
Definition: class.ilDB.php:10
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAllOperationsOfRole()

ilRbacReview::getAllOperationsOfRole (   $a_rol_id,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public

Parameters
integerrole_id
integerrole folder id
Returns
array array of operation_id and types
Todo:
refactor rolf => DONE

Definition at line 1390 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

1391  {
1392  global $ilDB;
1393 
1394  if(!$a_parent)
1395  {
1396  $a_parent = ROLE_FOLDER_ID;
1397  }
1398 
1399  $query = "SELECT ops_id,type FROM rbac_templates ".
1400  "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
1401  "AND parent = ".$ilDB->quote($a_parent,'integer');
1402  $res = $ilDB->query($query);
1403 
1404  $ops_arr = array();
1405  while ($row = $ilDB->fetchObject($res))
1406  {
1407  $ops_arr[$row->type][] = $row->ops_id;
1408  }
1409  return (array) $ops_arr;
1410  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAssignableChildRoles()

ilRbacReview::getAssignableChildRoles (   $a_ref_id)

Get all assignable roles directly under a specific node public.

Parameters
ref_id
Returns
array set ids
Todo:
refactor rolf => Find a better name; reduce sql fields

Definition at line 781 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

782  {
783  global $ilDB;
784 
785  $query = "SELECT fa.*, rd.* ".
786  "FROM object_data rd ".
787  "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id ".
788  "WHERE fa.assign = 'y' ".
789  "AND fa.parent = ".$this->ilDB->quote($a_ref_id,'integer')." "
790  ;
791 
792  $res = $ilDB->query($query);
793  while($row = $ilDB->fetchAssoc($res))
794  {
795  $roles_data[] = $row;
796  }
797  return $roles_data ? $roles_data : array();
798  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAssignableRoles()

ilRbacReview::getAssignableRoles (   $a_templates = false,
  $a_internal_roles = false,
  $title_filter = '' 
)

Returns a list of all assignable roles public.

Parameters
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 708 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by getRolesByFilter().

709  {
710  global $ilDB;
711 
712  $role_list = array();
713 
714  $where = $this->__setTemplateFilter($a_templates);
715 
716  $query = "SELECT * FROM object_data ".
717  "JOIN rbac_fa ON obj_id = rol_id ".
718  $where.
719  "AND rbac_fa.assign = 'y' ";
720 
721  if(strlen($title_filter))
722  {
723  $query .= (' AND '.$ilDB->like(
724  'title',
725  'text',
726  $title_filter.'%'
727  ));
728  }
729  $res = $ilDB->query($query);
730 
731  while ($row = $ilDB->fetchAssoc($res))
732  {
733  $row["desc"] = $row["description"];
734  $row["user_id"] = $row["owner"];
735  $role_list[] = $row;
736  }
737 
738  $role_list = $this->__setRoleType($role_list);
739 
740  return $role_list;
741  }
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause private
Definition: class.ilRbacReview.php:807
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:835
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getAssignableRolesInSubtree()

ilRbacReview::getAssignableRolesInSubtree (   $ref_id)

Returns a list of assignable roles in a subtree of the repository public.

Parameters
ref_idRoot node of subtree
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 750 of file class.ilRbacReview.php.

References $GLOBALS, $ilDB, $query, $ref_id, $res, $row, and DB_FETCHMODE_OBJECT.

751  {
752  global $ilDB;
753 
754  $query = 'SELECT rol_id FROM rbac_fa fa '.
755  'JOIN tree t1 ON t1.child = fa.parent '.
756  'JOIN object_data obd ON fa.rol_id = obd.obj_id ' .
757  'WHERE assign = '.$ilDB->quote('y','text').' '.
758  'AND obd.type = '.$ilDB->quote('role','text').' '.
759  'AND t1.child IN ('.
760  $GLOBALS['tree']->getSubTreeQuery($ref_id,array('child')).' '.
761  ') ';
762 
763 
764  $res = $ilDB->query($query);
765 
766  $role_list = array();
767  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
768  {
769  $role_list[] = $row->rol_id;
770  }
771  return $role_list;
772  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$GLOBALS
$GLOBALS['ct_recipient']
Definition: example_form.ajax.php:4
$ref_id
$ref_id
Definition: sahs_server.php:39
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAssignedCacheEntry()

ilRbacReview::getAssignedCacheEntry (   $a_role_id,
  $a_user_id 
)

get entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id

Definition at line 2329 of file class.ilRbacReview.php.

2330  {
2331  return self::$is_assigned_cache[$a_role_id][$a_user_id];
2332  }

◆ getFoldersAssignedToRole()

ilRbacReview::getFoldersAssignedToRole (   $a_rol_id,
  $a_assignable = false 
)

Returns an array of objects assigned to a role.

A role with stopped inheritance may be assigned to more than one objects. To get only the original location of a role, set the second parameter to true

public

Parameters
integerrole id
booleanget only rolefolders where role is assignable (true)
Returns
array reference IDs of role folders
Todo:
refactor rolf => RENAME (rest done)

Definition at line 1132 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by isRoleDeleted().

1133  {
1134  global $ilDB;
1135 
1136  if (!isset($a_rol_id))
1137  {
1138  $message = get_class($this)."::getFoldersAssignedToRole(): No role_id given!";
1139  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1140  }
1141 
1142  if ($a_assignable)
1143  {
1144  $where = " AND assign ='y'";
1145  }
1146 
1147  $query = "SELECT DISTINCT parent FROM rbac_fa ".
1148  "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".$where." ";
1149 
1150  $res = $ilDB->query($query);
1151  while($row = $ilDB->fetchObject($res))
1152  {
1153  $folders[] = $row->parent;
1154  }
1155  return $folders ? $folders : array();
1156  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ getGlobalAssignableRoles()

ilRbacReview::getGlobalAssignableRoles ( )

get only 'global' roles (with flag 'assign_users') public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 1306 of file class.ilRbacReview.php.

References ilObjRole\_getAssignUsersStatus(), and getGlobalRoles().

1307  {
1308  include_once './Services/AccessControl/classes/class.ilObjRole.php';
1309 
1310  foreach($this->getGlobalRoles() as $role_id)
1311  {
1312  if(ilObjRole::_getAssignUsersStatus($role_id))
1313  {
1314  $ga[] = array('obj_id' => $role_id,
1315  'role_type' => 'global');
1316  }
1317  }
1318  return $ga ? $ga : array();
1319  }
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only &#39;global&#39; roles public
Definition: class.ilRbacReview.php:1244
ilObjRole\_getAssignUsersStatus
_getAssignUsersStatus($a_role_id)
Definition: class.ilObjRole.php:141
+ Here is the call graph for this function:

◆ getGlobalRoles()

ilRbacReview::getGlobalRoles ( )

get only 'global' roles public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 1244 of file class.ilRbacReview.php.

References getRolesOfRoleFolder().

Referenced by getGlobalAssignableRoles(), getRolesByFilter(), and isGlobalRole().

1245  {
1246  return $this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false);
1247  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:1205
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getGlobalRolesArray()

ilRbacReview::getGlobalRolesArray ( )

get only 'global' roles public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 1290 of file class.ilRbacReview.php.

References getRolesOfRoleFolder().

1291  {
1292  foreach($this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false) as $role_id)
1293  {
1294  $ga[] = array('obj_id' => $role_id,
1295  'role_type' => 'global');
1296  }
1297  return $ga ? $ga : array();
1298  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:1205
+ Here is the call graph for this function:

◆ getLocalPolicies()

ilRbacReview::getLocalPolicies (   $a_ref_id)

Get all roles with local policies.

Parameters
type$a_ref_id
Returns
type

Definition at line 1274 of file class.ilRbacReview.php.

References getRolesOfRoleFolder().

1275  {
1276  $lroles = array();
1277  foreach($this->getRolesOfRoleFolder($a_ref_id) as $role_id)
1278  {
1279  $lroles[] = $role_id;
1280  }
1281  return $lroles;
1282  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:1205
+ Here is the call graph for this function:

◆ getLocalRoles()

ilRbacReview::getLocalRoles (   $a_ref_id)

Get local roles of object.

Parameters
int$a_ref_id
Todo:
refactor rolf => DONE

Definition at line 1254 of file class.ilRbacReview.php.

References $ilDB, getRolesOfRoleFolder(), and isAssignable().

1255  {
1256  global $ilDB;
1257 
1258  $lroles = array();
1259  foreach($this->getRolesOfRoleFolder($a_ref_id) as $role_id)
1260  {
1261  if($this->isAssignable($role_id, $a_ref_id))
1262  {
1263  $lroles[] = $role_id;
1264  }
1265  }
1266  return $lroles;
1267  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:1205
ilRbacReview\isAssignable
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users public.
Definition: class.ilRbacReview.php:1077
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getNumberOfAssignedUsers()

ilRbacReview::getNumberOfAssignedUsers ( Array  $a_roles)

Get the number of assigned users to roles ilDB $ilDB.

Parameters
array$a_roles
Returns
int
Todo:
refactor rolf => DONE

Definition at line 883 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

884  {
885  global $ilDB;
886 
887  $query = 'SELECT COUNT(DISTINCT(usr_id)) as num FROM rbac_ua '.
888  'WHERE '.$ilDB->in('rol_id', $a_roles, false, 'integer').' ';
889 
890  $res = $ilDB->query($query);
891  $row = $res->fetchRow(DB_FETCHMODE_OBJECT);
892  return $row->num ? $row->num : 0;
893  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getObjectOfRole()

ilRbacReview::getObjectOfRole (   $a_role_id)

Get object id of objects a role is assigned to.

Todo:
refactor rolf (due to performance reasons the new version does not check for deleted roles only in object reference)

public

Parameters
introle id

Definition at line 2065 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by ilObjUserGUI\roleassignmentObject().

2066  {
2067  // internal cache
2068  static $obj_cache = array();
2069 
2070  global $ilDB;
2071 
2072 
2073  if(isset($obj_cache[$a_role_id]) and $obj_cache[$a_role_id])
2074  {
2075  return $obj_cache[$a_role_id];
2076  }
2077 
2078  $query = 'SELECT obr.obj_id FROM rbac_fa rfa '.
2079  'JOIN object_reference obr ON rfa.parent = obr.ref_id '.
2080  'WHERE assign = '.$ilDB->quote('y','text'). ' '.
2081  'AND rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
2082  'AND deleted IS NULL';
2083 
2084  #$query = "SELECT obr.obj_id FROM rbac_fa rfa ".
2085  # "JOIN tree ON rfa.parent = tree.child ".
2086  # "JOIN object_reference obr ON tree.parent = obr.ref_id ".
2087  # "WHERE tree.tree = 1 ".
2088  # "AND assign = 'y' ".
2089  # "AND rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
2090  $res = $ilDB->query($query);
2091 
2092  $obj_cache[$a_role_id] = 0;
2093  while($row = $ilDB->fetchObject($res))
2094  {
2095  $obj_cache[$a_role_id] = $row->obj_id;
2096  }
2097  return $obj_cache[$a_role_id];
2098  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ getObjectReferenceOfRole()

ilRbacReview::getObjectReferenceOfRole (   $a_role_id)

Get reference of role.

Parameters
object$a_role_id
Returns
int
Todo:
refactor rolf (no deleted check)

Definition at line 2106 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

2107  {
2108  global $ilDB;
2109 
2110  $query = 'SELECT parent role_ref FROM rbac_fa '.
2111  'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
2112  'AND assign = '.$ilDB->quote('y','text');
2113 
2114  $res = $ilDB->query($query);
2115  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
2116  {
2117  return $row->role_ref;
2118  }
2119  return 0;
2120  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getObjectsWithStopedInheritance()

ilRbacReview::getObjectsWithStopedInheritance (   $a_rol_id,
  $a_filter = array() 
)

get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder.

public

Parameters
integerrole_id
arrayfilter ref_ids
Returns
array with ref_ids of objects
Todo:
refactor rolf => DONE

Definition at line 1609 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

1610  {
1611  global $ilDB;
1612 
1613  #$query = 'SELECT t.parent p FROM tree t JOIN rbac_fa fa ON fa.parent = child '.
1614  # 'WHERE assign = '.$ilDB->quote('n','text').' '.
1615  # 'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1616 
1617  $query = 'SELECT parent p FROM rbac_fa '.
1618  'WHERE assign = '.$ilDB->quote('n','text').' '.
1619  'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1620 
1621  if($a_filter)
1622  {
1623  $query .= ('AND '.$ilDB->in('parent',(array) $a_filter,false,'integer'));
1624  }
1625 
1626  $res = $ilDB->query($query);
1627  $parent = array();
1628  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1629  {
1630  $parent[] = $row->p;
1631  }
1632  return $parent;
1633  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperation()

ilRbacReview::getOperation (   $ops_id)

get one operation by operation id public

Returns
array data of operation_id
Todo:
refactor rolf => DONE

Definition at line 1365 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and ilDB\query().

1366  {
1367  global $ilDB;
1368 
1369  $query = 'SELECT * FROM rbac_operations WHERE ops_id = '.$ilDB->quote($ops_id,'integer');
1370  $res = $this->ilDB->query($query);
1371  while($row = $ilDB->fetchObject($res))
1372  {
1373  $ops = array('ops_id' => $row->ops_id,
1374  'operation' => $row->operation,
1375  'description' => $row->description);
1376  }
1377 
1378  return $ops ? $ops : array();
1379  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1393
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getOperationAssignment()

ilRbacReview::getOperationAssignment ( )

get operation assignments

Returns
array array(array('typ_id' => $typ_id,'title' => $title,'ops_id => '$ops_is,'operation' => $operation),...
Todo:
refactor rolf => DONE

Definition at line 2186 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

2187  {
2188  global $ilDB;
2189 
2190  $query = 'SELECT ta.typ_id, obj.title, ops.ops_id, ops.operation FROM rbac_ta ta '.
2191  'JOIN object_data obj ON obj.obj_id = ta.typ_id '.
2192  'JOIN rbac_operations ops ON ops.ops_id = ta.ops_id ';
2193  $res = $ilDB->query($query);
2194 
2195  $counter = 0;
2196  while($row = $ilDB->fetchObject($res))
2197  {
2198  $info[$counter]['typ_id'] = $row->typ_id;
2199  $info[$counter]['type'] = $row->title;
2200  $info[$counter]['ops_id'] = $row->ops_id;
2201  $info[$counter]['operation'] = $row->operation;
2202  $counter++;
2203  }
2204  return $info ? $info : array();
2205 
2206  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperations()

ilRbacReview::getOperations ( )

get all possible operations public

Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 1343 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and ilDB\query().

1344  {
1345  global $ilDB;
1346 
1347  $query = 'SELECT * FROM rbac_operations ORDER BY ops_id ';
1348  $res = $this->ilDB->query($query);
1349  while($row = $ilDB->fetchObject($res))
1350  {
1351  $ops[] = array('ops_id' => $row->ops_id,
1352  'operation' => $row->operation,
1353  'description' => $row->description);
1354  }
1355 
1356  return $ops ? $ops : array();
1357  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1393
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getOperationsByTypeAndClass()

ilRbacReview::getOperationsByTypeAndClass (   $a_type,
  $a_class 
)

Get operations by type and class.

Parameters
string$a_typeType is "object" or
string$a_class
Returns
Todo:
refactor rolf => DONE

Definition at line 1568 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

1569  {
1570  global $ilDB;
1571 
1572  if($a_class != 'create')
1573  {
1574  $condition = "AND class != ".$ilDB->quote('create','text');
1575  }
1576  else
1577  {
1578  $condition = "AND class = ".$ilDB->quote('create','text');
1579  }
1580 
1581  $query = "SELECT ro.ops_id FROM rbac_operations ro ".
1582  "JOIN rbac_ta rt ON ro.ops_id = rt.ops_id ".
1583  "JOIN object_data od ON rt.typ_id = od.obj_id ".
1584  "WHERE type = ".$ilDB->quote('typ','text')." ".
1585  "AND title = ".$ilDB->quote($a_type,'text')." ".
1586  $condition." ".
1587  "ORDER BY op_order ";
1588 
1589  $res = $ilDB->query($query);
1590 
1591  $ops = array();
1592  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1593  {
1594  $ops[] = $row->ops_id;
1595  }
1596  return $ops;
1597  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperationsOfRole()

ilRbacReview::getOperationsOfRole (   $a_rol_id,
  $a_type,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public

Parameters
integerrole_id
stringobject type
integerrole folder id
Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 1446 of file class.ilRbacReview.php.

References $ilDB, $ilLog, $query, $res, and $row.

1447  {
1448  global $ilDB,$ilLog;
1449 
1450  if (!isset($a_rol_id) or !isset($a_type))
1451  {
1452  $message = get_class($this)."::getOperationsOfRole(): Missing Parameter!".
1453  "role_id: ".$a_rol_id.
1454  "type: ".$a_type.
1455  "parent_id: ".$a_parent;
1456  $ilLog->logStack("Missing parameter! ");
1457  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1458  }
1459 
1460  $ops_arr = array();
1461 
1462  // if no rolefolder id is given, assume global role folder as target
1463  if ($a_parent == 0)
1464  {
1465  $a_parent = ROLE_FOLDER_ID;
1466  }
1467 
1468  $query = "SELECT ops_id FROM rbac_templates ".
1469  "WHERE type =".$ilDB->quote($a_type,'text')." ".
1470  "AND rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
1471  "AND parent = ".$ilDB->quote($a_parent,'integer');
1472  $res = $ilDB->query($query);
1473  while ($row = $ilDB->fetchObject($res))
1474  {
1475  $ops_arr[] = $row->ops_id;
1476  }
1477 
1478  return $ops_arr;
1479  }
$ilLog
$ilLog
Definition: inc.setup_header.php:132
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperationsOnType()

ilRbacReview::getOperationsOnType (   $a_typ_id)

all possible operations of a type public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 1512 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by getOperationsOnTypeString().

1513  {
1514  global $ilDB;
1515 
1516  if (!isset($a_typ_id))
1517  {
1518  $message = get_class($this)."::getOperationsOnType(): No type_id given!";
1519  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1520  }
1521 
1522  #$query = "SELECT * FROM rbac_ta WHERE typ_id = ".$ilDB->quote($a_typ_id,'integer');
1523 
1524  $query = 'SELECT * FROM rbac_ta ta JOIN rbac_operations o ON ta.ops_id = o.ops_id '.
1525  'WHERE typ_id = '.$ilDB->quote($a_typ_id,'integer').' '.
1526  'ORDER BY op_order';
1527 
1528  $res = $ilDB->query($query);
1529 
1530  while($row = $ilDB->fetchObject($res))
1531  {
1532  $ops_id[] = $row->ops_id;
1533  }
1534 
1535  return $ops_id ? $ops_id : array();
1536  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ getOperationsOnTypeString()

ilRbacReview::getOperationsOnTypeString (   $a_type)

all possible operations of a type public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 1546 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, DB_FETCHMODE_OBJECT, getOperationsOnType(), and ilDB\query().

1547  {
1548  global $ilDB;
1549 
1550  $query = "SELECT * FROM object_data WHERE type = 'typ' AND title = ".$ilDB->quote($a_type ,'text')." ";
1551 
1552 
1553  $res = $this->ilDB->query($query);
1554  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1555  {
1556  return $this->getOperationsOnType($row->obj_id);
1557  }
1558  return false;
1559  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1393
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\getOperationsOnType
getOperationsOnType($a_typ_id)
all possible operations of a type public
Definition: class.ilRbacReview.php:1512
+ Here is the call graph for this function:

◆ getParentRoleIds()

ilRbacReview::getParentRoleIds (   $a_endnode_id,
  $a_templates = false 
)

get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates public

Parameters
integerref_id of an object which is end node
booleantrue for role templates (default: false)
Returns
array array(role_ids => role_data)
Todo:
refactor rolf => DONE

Definition at line 635 of file class.ilRbacReview.php.

References $GLOBALS, and __getParentRoles().

636  {
637  global $tree;
638 
639  if (!isset($a_endnode_id))
640  {
641  $GLOBALS['ilLog']->logStack();
642  $message = get_class($this)."::getParentRoleIds(): No node_id (ref_id) given!";
643  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
644  }
645 
646  //var_dump($a_endnode_id);exit;
647  //$log->write("ilRBACreview::getParentRoleIds(), 0");
648  $pathIds = $tree->getPathId($a_endnode_id);
649 
650  // add system folder since it may not in the path
651  //$pathIds[0] = SYSTEM_FOLDER_ID;
652  $pathIds[0] = ROLE_FOLDER_ID;
653  //$log->write("ilRBACreview::getParentRoleIds(), 1");
654  #return $this->getParentRoles($a_endnode_id,$a_templates,$a_keep_protected);
655  return $this->__getParentRoles($pathIds,$a_templates);
656  }
ilRbacReview\__getParentRoles
__getParentRoles($a_path, $a_templates)
Note: This function performs faster than the new getParentRoles function, because it uses database in...
Definition: class.ilRbacReview.php:597
$GLOBALS
$GLOBALS['ct_recipient']
Definition: example_form.ajax.php:4
+ Here is the call graph for this function:

◆ getRoleFolderOfRole()

ilRbacReview::getRoleFolderOfRole (   $a_role_id)

Get role folder of role ilDB $ilDB.

Parameters
int$a_role_id
Returns
int
Todo:
refactor rolf => RENAME

Definition at line 2252 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, ilObject\_lookupType(), and DB_FETCHMODE_OBJECT.

2253  {
2254  global $ilDB;
2255 
2256  if(ilObject::_lookupType($a_role_id) == 'role')
2257  {
2258  $and = ('AND assign = '.$ilDB->quote('y','text'));
2259  }
2260  else
2261  {
2262  $and = '';
2263  }
2264 
2265  $query = 'SELECT * FROM rbac_fa '.
2266  'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
2267  $and;
2268  $res = $ilDB->query($query);
2269  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
2270  {
2271  return $row->parent;
2272  }
2273  return 0;
2274  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1183
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getRoleListByObject()

ilRbacReview::getRoleListByObject (   $a_ref_id,
  $a_templates = false 
)

Returns a list of roles in an container public.

Parameters
integerref_id of object
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 666 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by __getParentRoles().

667  {
668  global $ilDB;
669 
670  if (!isset($a_ref_id) or !isset($a_templates))
671  {
672  $message = get_class($this)."::getRoleListByObject(): Missing parameter!".
673  "ref_id: ".$a_ref_id.
674  "tpl_flag: ".$a_templates;
675  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
676  }
677 
678  $role_list = array();
679 
680  $where = $this->__setTemplateFilter($a_templates);
681 
682  $query = "SELECT * FROM object_data ".
683  "JOIN rbac_fa ON obj_id = rol_id ".
684  $where.
685  "AND object_data.obj_id = rbac_fa.rol_id ".
686  "AND rbac_fa.parent = ".$ilDB->quote($a_ref_id,'integer')." ";
687 
688  $res = $ilDB->query($query);
689  while ($row = $ilDB->fetchAssoc($res))
690  {
691  $row["desc"] = $row["description"];
692  $row["user_id"] = $row["owner"];
693  $role_list[] = $row;
694  }
695 
696  $role_list = $this->__setRoleType($role_list);
697 
698  return $role_list;
699  }
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause private
Definition: class.ilRbacReview.php:807
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:835
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getRoleMailboxAddress()

ilRbacReview::getRoleMailboxAddress (   $a_role_id,
  $is_localize = true 
)

Returns the mailbox address of a role.

Example 1: Mailbox address for an ILIAS reserved role name

The il_crs_member_345 role of the course object "English Course 1" is returned as one of the following mailbox addresses:

a) Course Member <#member@[English Course 1]> b) Course Member <#il_crs_member_345@[English Course 1]> c) Course Member <#il_crs_member_345>

Address a) is returned, if the title of the object is unique, and if there is only one local role with the substring "member" defined for the object.

Address b) is returned, if the title of the object is unique, but there is more than one local role with the substring "member" in its title.

Address c) is returned, if the title of the course object is not unique.

Example 2: Mailbox address for a manually defined role name

The "Admin" role of the category object "Courses" is returned as one of the following mailbox addresses:

a) Course Administrator <#Admin> b) Course Administrator <#Admin> c) Course Adminstrator <#il_role_34211> 

Address a) is returned, if the title of the object is unique, and
if there is only one local role with the substring "Admin" defined for
the course object.

Address b) is returned, if the title of the object is not unique, but

the role title is unique.

Address c) is returned, if neither the role title nor the title of the course object is unique.

Example 3: Mailbox address for a manually defined role title that can
       contains special characters in the local-part of a 
       mailbox address

The "Author Courses" role of the category object "Courses" is returned as one of the following mailbox addresses:

a) "#Author Courses" b) Author Courses <#il_role_34234> 

Address a) is returned, if the title of the role is unique.

Address b) is returned, if neither the role title nor the title of the course object is unique, or if the role title contains a quote or a backslash.

@param int a role id
@param boolean is_localize whether mailbox addresses should be localized
@return     String mailbox address or null, if role does not exist.
Todo:
refactor rolf

Definition at line 336 of file class.ilRbacReview.php.

References $ilDB, $lng, $log, $query, $r, $row, DB_FETCHMODE_OBJECT, if, ilMail\ILIAS_HOST, and ilDB\query().

337  {
338  global $log, $lng,$ilDB;
339 
340  include_once "Services/Mail/classes/class.ilMail.php";
341  if (ilMail::_usePearMail())
342  {
343  // Retrieve the role title and the object title.
344  $query = "SELECT rdat.title role_title,odat.title object_title, ".
345  " oref.ref_id object_ref ".
346  "FROM object_data rdat ".
347  "JOIN rbac_fa fa ON fa.rol_id = rdat.obj_id ".
348  "JOIN tree rtree ON rtree.child = fa.parent ".
349  "JOIN object_reference oref ON oref.ref_id = rtree.child ".
350  "JOIN object_data odat ON odat.obj_id = oref.obj_id ".
351  "WHERE rdat.obj_id = ".$this->ilDB->quote($a_role_id,'integer')." ".
352  "AND fa.assign = 'y' ";
353  $r = $ilDB->query($query);
354  if (!$row = $ilDB->fetchObject($r))
355  {
356  //$log->write('class.ilRbacReview->getMailboxAddress('.$a_role_id.'): error role does not exist');
357  return null; // role does not exist
358  }
359  $object_title = $row->object_title;
360  $object_ref = $row->object_ref;
361  $role_title = $row->role_title;
362 
363 
364  // In a perfect world, we could use the object_title in the
365  // domain part of the mailbox address, and the role title
366  // with prefix '#' in the local part of the mailbox address.
367  $domain = $object_title;
368  $local_part = $role_title;
369 
370 
371  // Determine if the object title is unique
372  $q = "SELECT COUNT(DISTINCT dat.obj_id) count ".
373  "FROM object_data dat ".
374  "JOIN object_reference ref ON ref.obj_id = dat.obj_id ".
375  "JOIN tree ON tree.child = ref.ref_id ".
376  "WHERE title = ".$this->ilDB->quote($object_title,'text')." ".
377  "AND tree.tree = 1 ";
378  $r = $this->ilDB->query($q);
379  $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
380 
381  // If the object title is not unique, we get rid of the domain.
382  if ($row->count > 1)
383  {
384  $domain = null;
385  }
386 
387  // If the domain contains illegal characters, we get rid of it.
388  //if (domain != null && preg_match('/[\[\]\\]|[\x00-\x1f]/',$domain))
389  // Fix for Mantis Bug: 7429 sending mail fails because of brakets
390  // Fix for Mantis Bug: 9978 sending mail fails because of semicolon
391  if ($domain != null && preg_match('/[\[\]\\]|[\x00-\x1f]|[\x28-\x29]|[;]/',$domain))
392  {
393  $domain = null;
394  }
395 
396  // If the domain contains special characters, we put square
397  // brackets around it.
398  if ($domain != null &&
399  (preg_match('/[()<>@,;:\\".\[\]]/',$domain) ||
400  preg_match('/[^\x21-\x8f]/',$domain))
401  )
402  {
403  $domain = '['.$domain.']';
404  }
405 
406  // If the role title is one of the ILIAS reserved role titles,
407  // we can use a shorthand version of it for the local part
408  // of the mailbox address.
409  if (strpos($role_title, 'il_') === 0 && $domain != null)
410  {
411  $unambiguous_role_title = $role_title;
412 
413  $pos = strpos($role_title, '_', 3) + 1;
414  $local_part = substr(
415  $role_title,
416  $pos,
417  strrpos($role_title, '_') - $pos
418  );
419  }
420  else
421  {
422  $unambiguous_role_title = 'il_role_'.$a_role_id;
423  }
424 
425  // Determine if the local part is unique. If we don't have a
426  // domain, the local part must be unique within the whole repositry.
427  // If we do have a domain, the local part must be unique for that
428  // domain.
429  if ($domain == null)
430  {
431  $q = "SELECT COUNT(DISTINCT dat.obj_id) count ".
432  "FROM object_data dat ".
433  "JOIN object_reference ref ON ref.obj_id = dat.obj_id ".
434  "JOIN tree ON tree.child = ref.ref_id ".
435  "WHERE title = ".$this->ilDB->quote($local_part,'text')." ".
436  "AND tree.tree = 1 ";
437  }
438  else
439  {
440  $q = "SELECT COUNT(rd.obj_id) count ".
441  "FROM object_data rd ".
442  "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id ".
443  "JOIN tree t ON t.child = fa.parent ".
444  "WHERE fa.assign = 'y' ".
445  "AND t.child = ".$this->ilDB->quote($object_ref,'integer')." ".
446  "AND rd.title LIKE ".$this->ilDB->quote(
447  '%'.preg_replace('/([_%])/','\\\\$1', $local_part).'%','text')." ";
448  }
449 
450  $r = $this->ilDB->query($q);
451  $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
452 
453  // if the local_part is not unique, we use the unambiguous role title
454  // instead for the local part of the mailbox address
455  if ($row->count > 1)
456  {
457  $local_part = $unambiguous_role_title;
458  }
459 
460  $use_phrase = true;
461 
462  // If the local part contains illegal characters, we use
463  // the unambiguous role title instead.
464  if (preg_match('/[\\"\x00-\x1f]/',$local_part))
465  {
466  $local_part = $unambiguous_role_title;
467  }
468  else if(!preg_match('/^[\\x00-\\x7E]+$/i', $local_part))
469  {
470  // 2013-12-05: According to #12283, we do not accept umlauts in the local part
471  $local_part = $unambiguous_role_title;
472  $use_phrase = false;
473  }
474 
475  // Add a "#" prefix to the local part
476  $local_part = '#'.$local_part;
477 
478  // Put quotes around the role title, if needed
479  if (preg_match('/[()<>@,;:.\[\]\x20]/',$local_part))
480  {
481  $local_part = '"'.$local_part.'"';
482  }
483 
484  $mailbox = ($domain == null) ?
485  $local_part :
486  $local_part.'@'.$domain;
487 
488  if ($is_localize)
489  {
490  if (substr($role_title,0,3) == 'il_')
491  {
492  $phrase = $lng->txt(substr($role_title, 0, strrpos($role_title,'_')));
493  }
494  else
495  {
496  $phrase = $role_title;
497  }
498 
499  if($use_phrase)
500  {
501  // make phrase RFC 822 conformant:
502  // - strip excessive whitespace
503  // - strip special characters
504  $phrase = preg_replace('/\s\s+/', ' ', $phrase);
505  $phrase = preg_replace('/[()<>@,;:\\".\[\]]/', '', $phrase);
506 
507  $mailbox = $phrase.' <'.$mailbox.'>';
508  }
509  }
510 
511  require_once './Services/PEAR/lib/Mail/RFC822.php';
512  $obj = new Mail_RFC822($mailbox, ilMail::ILIAS_HOST);
513  if(@$obj->parseAddressList() instanceof PEAR_Error)
514  {
515  $q = "SELECT title ".
516  "FROM object_data ".
517  "WHERE obj_id = ".$this->ilDB->quote($a_role_id ,'integer');
518  $r = $this->ilDB->query($q);
519 
520  if ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
521  {
522  return '#'.$row->title;
523  }
524  else
525  {
526  return null;
527  }
528  }
529 
530  return $mailbox;
531  }
532  else
533  {
534  $q = "SELECT title ".
535  "FROM object_data ".
536  "WHERE obj_id = ".$this->ilDB->quote($a_role_id ,'integer');
537  $r = $this->ilDB->query($q);
538 
539  if ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
540  {
541  return '#'.$row->title;
542  }
543  else
544  {
545  return null;
546  }
547  }
548  }
ilMail\ILIAS_HOST
const ILIAS_HOST
Definition: class.ilMail.php:213
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1393
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
PEAR_Error
Definition: PEAR.php:826
Mail_RFC822
Definition: RFC822.php:70
if
if(!file_exists(getcwd().'/ilias.ini.php')) if(isset( $_GET["client_id"]))
registration confirmation script for ilias
Definition: confirmReg.php:20
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$lng
global $lng
Definition: privfeed.php:40
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$r
$r
Definition: shib_logout.php:151
+ Here is the call graph for this function:

◆ getRoleOperationsOnObject()

ilRbacReview::getRoleOperationsOnObject (   $a_role_id,
  $a_ref_id 
)

ilDB $ilDB

Parameters
type$a_role_id
type$a_ref_id
Returns
type
Todo:
rafactor rolf => DONE

Definition at line 1488 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

1489  {
1490  global $ilDB;
1491 
1492  $query = "SELECT * FROM rbac_pa ".
1493  "WHERE rol_id = ".$ilDB->quote($a_role_id,'integer')." ".
1494  "AND ref_id = ".$ilDB->quote($a_ref_id,'integer')." ";
1495 
1496  $res = $ilDB->query($query);
1497  while($row = $ilDB->fetchObject($res))
1498  {
1499  $ops = unserialize($row->ops_id);
1500  }
1501 
1502  return $ops ? $ops : array();
1503  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getRolesByFilter()

ilRbacReview::getRolesByFilter (   $a_filter = 0,
  $a_user_id = 0,
  $title_filter = '' 
)

ilDB $ilDB

Parameters
type$a_filter
type$a_user_id
type$title_filter
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1690 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, __setRoleType(), assignedRoles(), getAssignableRoles(), and getGlobalRoles().

1691  {
1692  global $ilDB;
1693 
1694  $assign = "y";
1695 
1696  switch($a_filter)
1697  {
1698  // all (assignable) roles
1699  case self::FILTER_ALL:
1700  return $this->getAssignableRoles(true,true,$title_filter);
1701  break;
1702 
1703  // all (assignable) global roles
1704  case self::FILTER_ALL_GLOBAL:
1705  $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->getGlobalRoles(),false,'integer').' ';
1706  break;
1707 
1708  // all (assignable) local roles
1709  case self::FILTER_ALL_LOCAL:
1710  case self::FILTER_INTERNAL:
1711  case self::FILTER_NOT_INTERNAL:
1712  $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->getGlobalRoles(),true,'integer');
1713  break;
1714 
1715  // all role templates
1716  case self::FILTER_TEMPLATES:
1717  $where = "WHERE object_data.type = 'rolt'";
1718  $assign = "n";
1719  break;
1720 
1721  // only assigned roles, handled by ilObjUserGUI::roleassignmentObject()
1722  case 0:
1723  default:
1724  if(!$a_user_id)
1725  return array();
1726 
1727  $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->assignedRoles($a_user_id),false,'integer').' ';
1728  break;
1729  }
1730 
1731  $roles = array();
1732 
1733  $query = "SELECT * FROM object_data ".
1734  "JOIN rbac_fa ON obj_id = rol_id ".
1735  $where.
1736  "AND rbac_fa.assign = ".$ilDB->quote($assign,'text')." ";
1737 
1738  if(strlen($title_filter))
1739  {
1740  $query .= (' AND '.$ilDB->like(
1741  'title',
1742  'text',
1743  '%'.$title_filter.'%'
1744  ));
1745  }
1746 
1747  $res = $ilDB->query($query);
1748  while($row = $ilDB->fetchAssoc($res))
1749  {
1750  $prefix = (substr($row["title"],0,3) == "il_") ? true : false;
1751 
1752  // all (assignable) internal local roles only
1753  if ($a_filter == 4 and !$prefix)
1754  {
1755  continue;
1756  }
1757 
1758  // all (assignable) non internal local roles only
1759  if ($a_filter == 5 and $prefix)
1760  {
1761  continue;
1762  }
1763 
1764  $row["desc"] = $row["description"];
1765  $row["user_id"] = $row["owner"];
1766  $roles[] = $row;
1767  }
1768 
1769  $roles = $this->__setRoleType($roles);
1770 
1771  return $roles ? $roles : array();
1772  }
ilRbacReview\getAssignableRoles
getAssignableRoles($a_templates=false, $a_internal_roles=false, $title_filter='')
Returns a list of all assignable roles public.
Definition: class.ilRbacReview.php:708
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only &#39;global&#39; roles public
Definition: class.ilRbacReview.php:1244
ilRbacReview\assignedRoles
assignedRoles($a_usr_id)
get all assigned roles to a given user public
Definition: class.ilRbacReview.php:1030
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:835
+ Here is the call graph for this function:

◆ getRolesForIDs()

ilRbacReview::getRolesForIDs (   $role_ids,
  $use_templates 
)

ilDB $ilDB

Parameters
type$role_ids
type$use_templates
Returns
type
Todo:
refactor rolf => DONE

Definition at line 2155 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

2156  {
2157  global $ilDB;
2158 
2159  $role_list = array();
2160 
2161  $where = $this->__setTemplateFilter($use_templates);
2162 
2163  $query = "SELECT * FROM object_data ".
2164  "JOIN rbac_fa ON object_data.obj_id = rbac_fa.rol_id ".
2165  $where.
2166  "AND rbac_fa.assign = 'y' " .
2167  'AND '.$ilDB->in('object_data.obj_id',$role_ids,false,'integer');
2168 
2169  $res = $ilDB->query($query);
2170  while($row = $ilDB->fetchAssoc($res))
2171  {
2172  $row["desc"] = $row["description"];
2173  $row["user_id"] = $row["owner"];
2174  $role_list[] = $row;
2175  }
2176 
2177  $role_list = $this->__setRoleType($role_list);
2178  return $role_list;
2179  }
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause private
Definition: class.ilRbacReview.php:807
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:835
+ Here is the call graph for this function:

◆ getRolesOfObject()

ilRbacReview::getRolesOfObject (   $a_ref_id,
  $a_assignable_only = FALSE 
)

Get roles of object.

Parameters
type$a_ref_id
type$a_assignable
Exceptions
InvalidArgumentException
Todo:
refactor rolf => DONE

Definition at line 1165 of file class.ilRbacReview.php.

References $GLOBALS, $ilDB, $query, $res, and $row.

1166  {
1167  global $ilDB;
1168 
1169  if(!isset($a_ref_id))
1170  {
1171  $GLOBALS['ilLog']->logStack();
1172  throw new InvalidArgumentException(__METHOD__.': No ref_id given!');
1173  }
1174  if($a_assignable_only === TRUE)
1175  {
1176  $and = 'AND assign = '.$ilDB->quote('y','text');
1177  }
1178  $query = "SELECT rol_id FROM rbac_fa ".
1179  "WHERE parent = ".$ilDB->quote($a_ref_id,'integer')." ".
1180  $and;
1181 
1182  $res = $ilDB->query($query);
1183 
1184  $role_ids = array();
1185  while($row = $ilDB->fetchObject($res))
1186  {
1187  $role_ids[] = $row->rol_id;
1188  }
1189  return $role_ids;
1190  }
$GLOBALS
$GLOBALS['ct_recipient']
Definition: example_form.ajax.php:4
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getRolesOfRoleFolder()

ilRbacReview::getRolesOfRoleFolder (   $a_ref_id,
  $a_nonassignable = true 
)

get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids public

Parameters
integerref_id of object
booleanif false only get true local roles
Returns
array Array with rol_ids
Deprecated:
since version 4.5.0
Todo:
refactor rolf => RENAME

Definition at line 1205 of file class.ilRbacReview.php.

References $ilBench, $ilDB, $ilLog, $query, $res, and $row.

Referenced by getGlobalRoles(), getGlobalRolesArray(), getLocalPolicies(), and getLocalRoles().

1206  {
1207  global $ilBench,$ilDB,$ilLog;
1208 
1209  $ilBench->start("RBAC", "review_getRolesOfRoleFolder");
1210 
1211  if (!isset($a_ref_id))
1212  {
1213  $message = get_class($this)."::getRolesOfRoleFolder(): No ref_id given!";
1214  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1215 
1216  }
1217 
1218  if ($a_nonassignable === false)
1219  {
1220  $and = " AND assign='y'";
1221  }
1222 
1223  $query = "SELECT rol_id FROM rbac_fa ".
1224  "WHERE parent = ".$ilDB->quote($a_ref_id,'integer')." ".
1225  $and;
1226 
1227  $res = $ilDB->query($query);
1228  while($row = $ilDB->fetchObject($res))
1229  {
1230  $rol_id[] = $row->rol_id;
1231  }
1232 
1233  $ilBench->stop("RBAC", "review_getRolesOfRoleFolder");
1234 
1235  return $rol_id ? $rol_id : array();
1236  }
$ilLog
$ilLog
Definition: inc.setup_header.php:132
$ilBench
global $ilBench
Definition: ilias.php:18
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ getTypeId()

ilRbacReview::getTypeId (   $a_type)

Get type id of object ilDB $ilDB.

Parameters
type$a_type
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1781 of file class.ilRbacReview.php.

References $ilDB, $r, $row, and DB_FETCHMODE_OBJECT.

1782  {
1783  global $ilDB;
1784 
1785  $q = "SELECT obj_id FROM object_data ".
1786  "WHERE title=".$ilDB->quote($a_type ,'text')." AND type='typ'";
1787  $r = $ilDB->query($q);
1788 
1789  $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
1790  return $row->obj_id;
1791  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$r
$r
Definition: shib_logout.php:151

◆ getUserPermissionsOnObject()

ilRbacReview::getUserPermissionsOnObject (   $a_user_id,
  $a_ref_id 
)

Get all user permissions on an object.

Parameters
int$a_user_iduser id
int$a_ref_idref id
Todo:
refactor rolf => DONE

Definition at line 2283 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

2284  {
2285  global $ilDB;
2286 
2287  $query = "SELECT ops_id FROM rbac_pa JOIN rbac_ua ".
2288  "ON (rbac_pa.rol_id = rbac_ua.rol_id) ".
2289  "WHERE rbac_ua.usr_id = ".$ilDB->quote($a_user_id,'integer')." ".
2290  "AND rbac_pa.ref_id = ".$ilDB->quote($a_ref_id,'integer')." ";
2291 
2292  $res = $ilDB->query($query);
2293  $all_ops = array();
2294  while ($row = $ilDB->fetchObject($res))
2295  {
2296  $ops = unserialize($row->ops_id);
2297  $all_ops = array_merge($all_ops, $ops);
2298  }
2299  $all_ops = array_unique($all_ops);
2300 
2301  $set = $ilDB->query("SELECT operation FROM rbac_operations ".
2302  " WHERE ".$ilDB->in("ops_id", $all_ops, false, "integer"));
2303  $perms = array();
2304  while ($rec = $ilDB->fetchAssoc($set))
2305  {
2306  $perms[] = $rec["operation"];
2307  }
2308 
2309  return $perms;
2310  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ hasMultipleAssignments()

ilRbacReview::hasMultipleAssignments (   $a_role_id)

Temporary bugfix.

Todo:
refactor rolf => DONE

Definition at line 1111 of file class.ilRbacReview.php.

References $ilDB, $query, and $res.

1112  {
1113  global $ilDB;
1114 
1115  $query = "SELECT * FROM rbac_fa WHERE rol_id = ".$ilDB->quote($a_role_id,'integer').' '.
1116  "AND assign = ".$ilDB->quote('y','text');
1117  $res = $ilDB->query($query);
1118  return $res->numRows() > 1;
1119  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isAssignable()

ilRbacReview::isAssignable (   $a_rol_id,
  $a_ref_id 
)

Check if its possible to assign users public.

Parameters
integerobject id of role
integerref_id of object in question
Returns
boolean
Todo:
refactor rolf (expects object reference id instead of rolf) => DONE

Definition at line 1077 of file class.ilRbacReview.php.

References $ilBench, $ilDB, $query, $res, and $row.

Referenced by getLocalRoles(), and isDeleteable().

1078  {
1079  global $ilBench,$ilDB;
1080 
1081  $ilBench->start("RBAC", "review_isAssignable");
1082 
1083  // exclude system role from rbac
1084  if ($a_rol_id == SYSTEM_ROLE_ID)
1085  {
1086  $ilBench->stop("RBAC", "review_isAssignable");
1087  return true;
1088  }
1089 
1090  if (!isset($a_rol_id) or !isset($a_ref_id))
1091  {
1092  $message = get_class($this)."::isAssignable(): Missing parameter!".
1093  " role_id: ".$a_rol_id." ,ref_id: ".$a_ref_id;
1094  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1095  }
1096  $query = "SELECT * FROM rbac_fa ".
1097  "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
1098  "AND parent = ".$ilDB->quote($a_ref_id,'integer')." ";
1099  $res = $ilDB->query($query);
1100  $row = $ilDB->fetchObject($res);
1101 
1102  $ilBench->stop("RBAC", "review_isAssignable");
1103  return $row->assign == 'y' ? true : false;
1104  }
$ilBench
global $ilBench
Definition: ilias.php:18
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ isAssigned()

ilRbacReview::isAssigned (   $a_usr_id,
  $a_role_id 
)

check if a specific user is assigned to specific role public

Parameters
integerusr_id
integerrole_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 978 of file class.ilRbacReview.php.

References $ilDB, $query, and $res.

979  {
980  if(isset(self::$is_assigned_cache[$a_role_id][$a_usr_id])) {
981  return self::$is_assigned_cache[$a_role_id][$a_usr_id];
982  }
983  // Quickly determine if user is assigned to a role
984  global $ilDB;
985 
986  $ilDB->setLimit(1,0);
987  $query = "SELECT usr_id FROM rbac_ua WHERE ".
988  "rol_id= ".$ilDB->quote($a_role_id,'integer')." ".
989  "AND usr_id= ".$ilDB->quote($a_usr_id);
990  $res = $ilDB->query($query);
991 
992  $is_assigned = $res->numRows() == 1;
993  self::$is_assigned_cache[$a_role_id][$a_usr_id] = $is_assigned;
994 
995  return $is_assigned;
996  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isAssignedToAtLeastOneGivenRole()

ilRbacReview::isAssignedToAtLeastOneGivenRole (   $a_usr_id,
  $a_role_ids 
)

check if a specific user is assigned to at least one of the given role ids.

This function is used to quickly check whether a user is member of a course or a group.

public

Parameters
integerusr_id
array[integer]role_ids
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1010 of file class.ilRbacReview.php.

References $ilDB, $query, and $res.

1011  {
1012  global $ilDB;
1013 
1014  $ilDB->setLimit(1,0);
1015  $query = "SELECT usr_id FROM rbac_ua WHERE ".
1016  $ilDB->in('rol_id',$a_role_ids,false,'integer').
1017  " AND usr_id= ".$ilDB->quote($a_usr_id);
1018  $res = $ilDB->query($query);
1019 
1020  return $ilDB->numRows($res) == 1;
1021  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isDeleteable()

ilRbacReview::isDeleteable (   $a_role_id,
  $a_rolf_id 
)

Check if role is deleteable at a specific position.

Parameters
object$a_role_id
introlf_id
Returns
Todo:
refactor rolf => DONE

Definition at line 2215 of file class.ilRbacReview.php.

References ilObject\_lookupTitle(), and isAssignable().

2216  {
2217  if(!$this->isAssignable($a_role_id, $a_rolf_id))
2218  {
2219  return false;
2220  }
2221  if($a_role_id == SYSTEM_ROLE_ID or $a_role_id == ANONYMOUS_ROLE_ID)
2222  {
2223  return false;
2224  }
2225  if(substr(ilObject::_lookupTitle($a_role_id),0,3) == 'il_')
2226  {
2227  return false;
2228  }
2229  return true;
2230  }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:931
ilRbacReview\isAssignable
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users public.
Definition: class.ilRbacReview.php:1077
+ Here is the call graph for this function:

◆ isDeleted()

ilRbacReview::isDeleted (   $a_node_id)

Checks if a rolefolder is set as deleted (negative tree_id) public.

Parameters
integerref_id of rolefolder
Returns
boolean true if rolefolder is set as deleted
Todo:
refactor rolf => DELETE method

Definition at line 1642 of file class.ilRbacReview.php.

References $ilDB, $r, $row, DB_FETCHMODE_OBJECT, and ilDB\query().

Referenced by isRoleDeleted().

1643  {
1644  global $ilDB;
1645 
1646  $q = "SELECT tree FROM tree WHERE child =".$ilDB->quote($a_node_id)." ";
1647  $r = $this->ilDB->query($q);
1648 
1649  $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
1650 
1651  if (!$row)
1652  {
1653  $message = sprintf('%s::isDeleted(): Role folder with ref_id %s not found!',
1654  get_class($this),
1655  $a_node_id);
1656  $this->log->write($message,$this->log->FATAL);
1657 
1658  return true;
1659  }
1660 
1661  // rolefolder is deleted
1662  if ($row->tree < 0)
1663  {
1664  return true;
1665  }
1666 
1667  return false;
1668  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1393
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$r
$r
Definition: shib_logout.php:151
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isGlobalRole()

ilRbacReview::isGlobalRole (   $a_role_id)

Check if role is a global role.

Parameters
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1676 of file class.ilRbacReview.php.

References getGlobalRoles().

1677  {
1678  return in_array($a_role_id,$this->getGlobalRoles());
1679  }
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only &#39;global&#39; roles public
Definition: class.ilRbacReview.php:1244
+ Here is the call graph for this function:

◆ isProtected()

ilRbacReview::isProtected (   $a_ref_id,
  $a_role_id 
)
Todo:
refactor rolf => search calls ilDB $ilDB
Parameters
type$a_ref_id
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1907 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and ilUtil\yn2tf().

1908  {
1909  global $ilDB;
1910 
1911  // ref_id not used yet. protected permission acts 'global' for each role,
1912  $query = "SELECT protected FROM rbac_fa ".
1913  "WHERE rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
1914  $res = $ilDB->query($query);
1915  $row = $ilDB->fetchAssoc($res);
1916 
1917  return ilUtil::yn2tf($row['protected']);
1918  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilUtil\yn2tf
static yn2tf($a_yn)
convert "y"/"n" to true/false
Definition: class.ilUtil.php:3278
+ Here is the call graph for this function:

◆ isRoleAssignedToObject()

ilRbacReview::isRoleAssignedToObject (   $a_role_id,
  $a_parent_id 
)

Check if role is assigned to an object.

Todo:
refactor rolf => DONE (renamed)

Definition at line 1326 of file class.ilRbacReview.php.

References $ilDB, $query, and $res.

1327  {
1328  global $rbacreview, $ilDB;
1329 
1330  $query = 'SELECT * FROM rbac_fa '.
1331  'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1332  'AND parent = '.$ilDB->quote($a_parent_id,'integer');
1333  $res = $ilDB->query($query);
1334  return $res->numRows() ? true : false;
1335  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isRoleDeleted()

ilRbacReview::isRoleDeleted (   $a_role_id)

return if role is only attached to deleted role folders

Parameters
int$a_role_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 2129 of file class.ilRbacReview.php.

References getFoldersAssignedToRole(), and isDeleted().

2130  {
2131  $rolf_list = $this->getFoldersAssignedToRole($a_role_id, false);
2132  $deleted = true;
2133  if (count($rolf_list))
2134  {
2135  foreach ($rolf_list as $rolf) {
2136  // only list roles that are not set to status "deleted"
2137  if (!$this->isDeleted($rolf))
2138  {
2139  $deleted = false;
2140  break;
2141  }
2142  }
2143  }
2144  return $deleted;
2145  }
ilRbacReview\isDeleted
isDeleted($a_node_id)
Checks if a rolefolder is set as deleted (negative tree_id) public.
Definition: class.ilRbacReview.php:1642
ilRbacReview\getFoldersAssignedToRole
getFoldersAssignedToRole($a_rol_id, $a_assignable=false)
Returns an array of objects assigned to a role.
Definition: class.ilRbacReview.php:1132
+ Here is the call graph for this function:

◆ isSystemGeneratedRole()

ilRbacReview::isSystemGeneratedRole (   $a_role_id)

Check if the role is system generate role or role template.

Parameters
int$a_role_id
Returns
bool
Todo:
refactor rolf => DONE

Definition at line 2238 of file class.ilRbacReview.php.

References ilObject\_lookupTitle().

2239  {
2240  $title = ilObject::_lookupTitle($a_role_id);
2241  return substr($title,0,3) == 'il_' ? true : false;
2242  }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:931
+ Here is the call graph for this function:

◆ lookupCreateOperationIds()

static ilRbacReview::lookupCreateOperationIds (   $a_type_arr)
static

Lookup operation ids.

Parameters
array$a_type_arre.g array('cat','crs','grp'). The operation name (e.g. 'create_cat') is generated automatically
Returns
array int Array with operation ids
Todo:
refactor rolf => DONE

Definition at line 1866 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by ilObjectXMLWriter\__appendOperations(), ilObjectRoleTemplatePermissionTableGUI\parse(), ilObjectRolePermissionTableGUI\parse(), and ilPermissionGUI\savePermissions().

1867  {
1868  global $ilDB;
1869 
1870  $operations = array();
1871  foreach($a_type_arr as $type)
1872  {
1873  $operations[] = ('create_'.$type);
1874  }
1875 
1876  if(!count($operations))
1877  {
1878  return array();
1879  }
1880 
1881  $query = 'SELECT ops_id, operation FROM rbac_operations '.
1882  'WHERE '.$ilDB->in('operation',$operations,false,'text');
1883 
1884  $res = $ilDB->query($query);
1885 
1886  $ops_ids = array();
1887  while($row = $ilDB->fetchObject($res))
1888  {
1889  $type_arr = explode('_', $row->operation);
1890  $type = $type_arr[1];
1891 
1892  $ops_ids[$type] = $row->ops_id;
1893  }
1894  return $ops_ids;
1895  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ roleExists()

ilRbacReview::roleExists (   $a_title,
  $a_id = 0 
)

Checks if a role already exists.

Role title should be unique public

Parameters
stringrole title
integerobj_id of role to exclude in the check. Commonly this is the current role you want to edit
Returns
boolean true if exists
Todo:
refactor rolf => DONE

Definition at line 559 of file class.ilRbacReview.php.

References $ilDB, $r, $row, DB_FETCHMODE_OBJECT, and ilDB\query().

560  {
561  global $ilDB;
562 
563  if (empty($a_title))
564  {
565  $message = get_class($this)."::roleExists(): No title given!";
566  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
567  }
568 
569  $clause = ($a_id) ? " AND obj_id != ".$ilDB->quote($a_id)." " : "";
570 
571  $q = "SELECT DISTINCT(obj_id) obj_id FROM object_data ".
572  "WHERE title =".$ilDB->quote($a_title)." ".
573  "AND type IN('role','rolt')".
574  $clause." ";
575  $r = $this->ilDB->query($q);
576 
577  while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
578  {
579  return $row->obj_id;
580  }
581  return false;
582  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1393
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$r
$r
Definition: shib_logout.php:151
+ Here is the call graph for this function:

◆ searchRolesByMailboxAddressList()

ilRbacReview::searchRolesByMailboxAddressList (   $a_address_list)

Finds all role ids that match the specified user friendly role mailbox address list.

The role mailbox name address list is an e-mail address list according to IETF RFC 822:

address list = role mailbox, {"," role mailbox } ; role mailbox = "#", local part, ["@" domain] ;

Examples: The following role mailbox names are all resolved to the role il_crs_member_123:

#Course.A #member.A #il_crs_member_123.A #il_crs_member_123 #il_crs_member_123

Examples: The following role mailbox names are all resolved to the role il_crs_member_345:

#member@[English Course] #il_crs_member_345@[English Course] #il_crs_member_345 #il_crs_member_345

If only the local part is specified, or if domain is equal to "ilias", ILIAS compares the title of role objects with local part. Only roles that are not in a trash folder are considered for the comparison.

If a domain is specified, and if the domain is not equal to "ilias", ILIAS compares the title of objects with the domain. Only objects that are not in a trash folder are considered for the comparison. Then ILIAS searches for local roles which contain the local part in their title. This allows for abbreviated role names, e.g. instead of having to specify #il_grp_member_345, it is sufficient to specify #member.

The address list may contain addresses thate are not role mailboxes. These addresses are ignored.

If a role mailbox address is ambiguous, this function returns the ID's of all role objects that are possible recipients for the role mailbox address.

If Pear Mail is not installed, then the mailbox address

public

Parameters
stringIETF RFX 822 address list containing role mailboxes.
Returns
int[] Array with role ids that were found
Todo:
refactor rolf

Definition at line 115 of file class.ilRbacReview.php.

References $ilDB, $query, $r, $row, DB_FETCHMODE_OBJECT, ilMail\ILIAS_HOST, ilDB\query(), and ilDB\quote().

116  {
117  global $ilDB;
118 
119  $role_ids = array();
120 
121  include_once "Services/Mail/classes/class.ilMail.php";
122  if(ilMail::_usePearMail())
123  {
124  require_once './Services/PEAR/lib/Mail/RFC822.php';
125  $parser = new Mail_RFC822();
126  $parsedList = $parser->parseAddressList($a_address_list, ilMail::ILIAS_HOST, false, true);
127  foreach ($parsedList as $address)
128  {
129  $local_part = $address->mailbox;
130  if (strpos($local_part,'#') !== 0 &&
131  !($local_part{0} == '"' && $local_part{1} == "#"))
132  {
133  // A local-part which doesn't start with a '#' doesn't denote a role.
134  // Therefore we can skip it.
135  continue;
136  }
137 
138  $local_part = substr($local_part, 1);
139 
140  /* If role contains spaces, eg. 'foo role', double quotes are added which have to be
141  removed here.*/
142  if( $local_part{0} == '#' && $local_part{strlen($local_part) - 1} == '"' )
143  {
144  $local_part = substr($local_part, 1);
145  $local_part = substr($local_part, 0, strlen($local_part) - 1);
146  }
147 
148  if (substr($local_part,0,8) == 'il_role_')
149  {
150  $role_id = substr($local_part,8);
151  $query = "SELECT t.tree ".
152  "FROM rbac_fa fa ".
153  "JOIN tree t ON t.child = fa.parent ".
154  "WHERE fa.rol_id = ".$this->ilDB->quote($role_id,'integer')." ".
155  "AND fa.assign = 'y' ".
156  "AND t.tree = 1";
157  $r = $ilDB->query($query);
158  if ($r->numRows() > 0)
159  {
160  $role_ids[] = $role_id;
161  }
162  continue;
163  }
164 
165 
166  $domain = $address->host;
167  if (strpos($domain,'[') == 0 && strrpos($domain,']'))
168  {
169  $domain = substr($domain,1,strlen($domain) - 2);
170  }
171  if (strlen($local_part) == 0)
172  {
173  $local_part = $domain;
174  $address->host = ilMail::ILIAS_HOST;
175  $domain = ilMail::ILIAS_HOST;
176  }
177 
178  if (strtolower($address->host) == ilMail::ILIAS_HOST)
179  {
180  // Search for roles = local-part in the whole repository
181  $query = "SELECT dat.obj_id ".
182  "FROM object_data dat ".
183  "JOIN rbac_fa fa ON fa.rol_id = dat.obj_id ".
184  "JOIN tree t ON t.child = fa.parent ".
185  "WHERE dat.title =".$this->ilDB->quote($local_part,'text')." ".
186  "AND dat.type = 'role' ".
187  "AND fa.assign = 'y' ".
188  "AND t.tree = 1";
189  }
190  else
191  {
192  // Search for roles like local-part in objects = host
193  $query = "SELECT rdat.obj_id ".
194  "FROM object_data odat ".
195  "JOIN object_reference oref ON oref.obj_id = odat.obj_id ".
196  "JOIN tree otree ON otree.child = oref.ref_id ".
197  "JOIN rbac_fa rfa ON rfa.parent = otree.child ".
198  "JOIN object_data rdat ON rdat.obj_id = rfa.rol_id ".
199  "WHERE odat.title = ".$this->ilDB->quote($domain,'text')." ".
200  "AND otree.tree = 1 ".
201  "AND rfa.assign = 'y' ".
202  "AND rdat.title LIKE ".
203  $this->ilDB->quote('%'.preg_replace('/([_%])/','\\\\$1',$local_part).'%','text');
204  }
205  $r = $ilDB->query($query);
206 
207  $count = 0;
208  while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
209  {
210  $role_ids[] = $row->obj_id;
211  $count++;
212  }
213 
214  // Nothing found?
215  // In this case, we search for roles = host.
216  if ($count == 0 && strtolower($address->host) == ilMail::ILIAS_HOST)
217  {
218  $q = "SELECT dat.obj_id ".
219  "FROM object_data dat ".
220  "JOIN object_reference ref ON ref.obj_id = dat.obj_id ".
221  "JOIN tree t ON t.child = ref.ref_id ".
222  "WHERE dat.title = ".$this->ilDB->quote($domain ,'text')." ".
223  "AND dat.type = 'role' ".
224  "AND t.tree = 1 ";
225  $r = $this->ilDB->query($q);
226 
227  while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
228  {
229  $role_ids[] = $row->obj_id;
230  }
231  }
232  //echo '<br>ids='.var_export($role_ids,true);
233  }
234  }
235  else
236  {
237  // the following code is executed, when Pear Mail is
238  // not installed
239 
240  $titles = explode(',', $a_address_list);
241 
242  $titleList = '';
243  foreach ($titles as $title)
244  {
245  if (strlen($inList) > 0)
246  {
247  $titleList .= ',';
248  }
249  $title = trim($title);
250  if (strpos($title,'#') == 0)
251  {
252  $titleList .= $this->ilDB->quote(substr($title, 1));
253  }
254  }
255  if (strlen($titleList) > 0)
256  {
257  $q = "SELECT obj_id ".
258  "FROM object_data ".
259  "WHERE title IN (".$titleList.") ".
260  "AND type='role'";
261  $r = $this->ilDB->query($q);
262  while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
263  {
264  $role_ids[] = $row->obj_id;
265  }
266  }
267  }
268 
269  return $role_ids;
270  }
ilMail\ILIAS_HOST
const ILIAS_HOST
Definition: class.ilMail.php:213
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1393
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
ilDB\quote
quote($a_query, $a_type=null)
Wrapper for quote method.
Definition: class.ilDB.php:2285
Mail_RFC822
Definition: RFC822.php:70
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$r
$r
Definition: shib_logout.php:151
+ Here is the call graph for this function:

◆ setAssignedCacheEntry()

ilRbacReview::setAssignedCacheEntry (   $a_role_id,
  $a_user_id,
  $a_value 
)

set entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id
bool$a_value

Definition at line 2318 of file class.ilRbacReview.php.

2319  {
2320  self::$is_assigned_cache[$a_role_id][$a_user_id] = $a_value;
2321  }

Field Documentation

◆ $_opsCache

ilRbacReview::$_opsCache = null
staticprivate

Definition at line 32 of file class.ilRbacReview.php.

◆ $assigned_roles

ilRbacReview::$assigned_roles = array()
protected

Definition at line 28 of file class.ilRbacReview.php.

◆ $assigned_users_cache

ilRbacReview::$assigned_users_cache = array()
staticprotected

Definition at line 37 of file class.ilRbacReview.php.

◆ $is_assigned_cache

ilRbacReview::$is_assigned_cache = array()
staticprotected

Definition at line 42 of file class.ilRbacReview.php.

◆ $log

ilRbacReview::$log = null

Definition at line 29 of file class.ilRbacReview.php.

Referenced by __setProtectedStatus(), and getRoleMailboxAddress().

◆ FILTER_ALL

const ilRbacReview::FILTER_ALL = 1

Definition at line 21 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_ALL_GLOBAL

const ilRbacReview::FILTER_ALL_GLOBAL = 2

Definition at line 22 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

◆ FILTER_ALL_LOCAL

const ilRbacReview::FILTER_ALL_LOCAL = 3

Definition at line 23 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

◆ FILTER_INTERNAL

const ilRbacReview::FILTER_INTERNAL = 4

Definition at line 24 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_NOT_INTERNAL

const ilRbacReview::FILTER_NOT_INTERNAL = 5

Definition at line 25 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

◆ FILTER_TEMPLATES

const ilRbacReview::FILTER_TEMPLATES = 6

Definition at line 26 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

The documentation for this class was generated from the following file: