ILIAS  release_5-0 Revision 5.0.0-1144-gc4397b1f870
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes | Static Protected Attributes | Static Private Attributes
ilRbacReview Class Reference
Services/AccessControl

class ilRbacReview Contains Review functions of core Rbac. More...

+ Collaboration diagram for ilRbacReview:

Public Member Functions

 __construct ()
 Constructor @access public. More...
 
 searchRolesByMailboxAddressList ($a_address_list)
 Finds all role ids that match the specified user friendly role mailbox address list. More...
 
 getRoleMailboxAddress ($a_role_id, $is_localize=true)
 
 roleExists ($a_title, $a_id=0)
 Checks if a role already exists. More...
 
 getParentRoleIds ($a_endnode_id, $a_templates=false)
 get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates @access public More...
 
 getRoleListByObject ($a_ref_id, $a_templates=false)
 Returns a list of roles in an container @access public. More...
 
 getAssignableRoles ($a_templates=false, $a_internal_roles=false, $title_filter='')
 Returns a list of all assignable roles @access public. More...
 
 getAssignableRolesInSubtree ($ref_id)
 Returns a list of assignable roles in a subtree of the repository @access public. More...
 
 getAssignableChildRoles ($a_ref_id)
 Get all assignable roles directly under a specific node @access public. More...
 
 getNumberOfAssignedUsers (Array $a_roles)
 Get the number of assigned users to roles @global ilDB $ilDB. More...
 
 assignedUsers ($a_rol_id, $a_fields=NULL)
 get all assigned users to a given role @access public More...
 
 isAssigned ($a_usr_id, $a_role_id)
 check if a specific user is assigned to specific role @access public More...
 
 isAssignedToAtLeastOneGivenRole ($a_usr_id, $a_role_ids)
 check if a specific user is assigned to at least one of the given role ids. More...
 
 assignedRoles ($a_usr_id)
 get all assigned roles to a given user @access public More...
 
 assignedGlobalRoles ($a_usr_id)
 Get assigned global roles for an user. More...
 
 isAssignable ($a_rol_id, $a_ref_id)
 Check if its possible to assign users @access public. More...
 
 hasMultipleAssignments ($a_role_id)
 Temporary bugfix. More...
 
 getFoldersAssignedToRole ($a_rol_id, $a_assignable=false)
 Returns an array of objects assigned to a role. More...
 
 getRolesOfObject ($a_ref_id, $a_assignable_only=FALSE)
 Get roles of object. More...
 
 getRolesOfRoleFolder ($a_ref_id, $a_nonassignable=true)
 get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids @access public More...
 
 getGlobalRoles ()
 get only 'global' roles @access public More...
 
 getLocalRoles ($a_ref_id)
 Get local roles of object. More...
 
 getLocalPolicies ($a_ref_id)
 Get all roles with local policies. More...
 
 getGlobalRolesArray ()
 get only 'global' roles @access public More...
 
 getGlobalAssignableRoles ()
 get only 'global' roles (with flag 'assign_users') @access public More...
 
 isRoleAssignedToObject ($a_role_id, $a_parent_id)
 Check if role is assigned to an object. More...
 
 getOperations ()
 get all possible operations @access public More...
 
 getOperation ($ops_id)
 get one operation by operation id @access public More...
 
 getAllOperationsOfRole ($a_rol_id, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public More...
 
 getActiveOperationsOfRole ($a_ref_id, $a_role_id)
 Get active operations for a role. More...
 
 getOperationsOfRole ($a_rol_id, $a_type, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public More...
 
 getRoleOperationsOnObject ($a_role_id, $a_ref_id)
 @global ilDB $ilDB More...
 
 getOperationsOnType ($a_typ_id)
 all possible operations of a type @access public More...
 
 getOperationsOnTypeString ($a_type)
 all possible operations of a type @access public More...
 
 getOperationsByTypeAndClass ($a_type, $a_class)
 Get operations by type and class. More...
 
 getObjectsWithStopedInheritance ($a_rol_id, $a_filter=array())
 get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder. More...
 
 isDeleted ($a_node_id)
 Checks if a rolefolder is set as deleted (negative tree_id) @access public. More...
 
 isGlobalRole ($a_role_id)
 Check if role is a global role. More...
 
 getRolesByFilter ($a_filter=0, $a_user_id=0, $title_filter='')
 @global ilDB $ilDB More...
 
 getTypeId ($a_type)
 Get type id of object @global ilDB $ilDB. More...
 
 isProtected ($a_ref_id, $a_role_id)
 
 getObjectOfRole ($a_role_id)
 Get object id of objects a role is assigned to. More...
 
 getObjectReferenceOfRole ($a_role_id)
 Get reference of role. More...
 
 isRoleDeleted ($a_role_id)
 return if role is only attached to deleted role folders More...
 
 getRolesForIDs ($role_ids, $use_templates)
 @global ilDB $ilDB More...
 
 getOperationAssignment ()
 get operation assignments More...
 
 isDeleteable ($a_role_id, $a_rolf_id)
 Check if role is deleteable at a specific position. More...
 
 isSystemGeneratedRole ($a_role_id)
 Check if the role is system generate role or role template. More...
 
 getRoleFolderOfRole ($a_role_id)
 Get role folder of role @global ilDB $ilDB. More...
 
 getUserPermissionsOnObject ($a_user_id, $a_ref_id)
 Get all user permissions on an object. More...
 
 setAssignedCacheEntry ($a_role_id, $a_user_id, $a_value)
 set entry of assigned_chache More...
 
 getAssignedCacheEntry ($a_role_id, $a_user_id)
 get entry of assigned_chache More...
 
 clearCaches ()
 Clear assigned users caches. More...
 

Static Public Member Functions

static _getOperationIdsByName ($operations)
 get ops_id's by name. More...
 
static _getOperationIdByName ($a_operation)
 get operation id by name of operation @access public @access static More...
 
static lookupCreateOperationIds ($a_type_arr)
 Lookup operation ids. More...
 
static _getOperationList ($a_type=null)
 get operation list by object type @access public @access static More...
 
static _groupOperationsByClass ($a_ops_arr)
 

Data Fields

const FILTER_ALL = 1
 
const FILTER_ALL_GLOBAL = 2
 
const FILTER_ALL_LOCAL = 3
 
const FILTER_INTERNAL = 4
 
const FILTER_NOT_INTERNAL = 5
 
const FILTER_TEMPLATES = 6
 
 $log = null
 

Protected Member Functions

 __getParentRoles ($a_path, $a_templates)
 Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan. More...
 
 __setTemplateFilter ($a_templates)
 get roles and templates or only roles; returns string for where clause @access private More...
 
 __setRoleType ($a_role_list)
 computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates More...
 
 __setProtectedStatus ($a_parent_roles, $a_role_hierarchy, $a_ref_id)
 Set protected status @global type $rbacsystem @global type $ilUser @global type $log. More...
 

Protected Attributes

 $assigned_roles = array()
 

Static Protected Attributes

static $assigned_users_cache = array()
 
static $is_assigned_cache = array()
 

Static Private Attributes

static $_opsCache = null
 

Detailed Description

class ilRbacReview Contains Review functions of core Rbac.

This class offers the possibility to view the contents of the user <-> role (UR) relation and the permission <-> role (PR) relation. For example, from the UA relation the administrator should have the facility to view all user assigned to a given role.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Sascha Hofmann sasch.nosp@m.ahof.nosp@m.mann@.nosp@m.gmx..nosp@m.de
Version
$Id$

Definition at line 19 of file class.ilRbacReview.php.

Constructor & Destructor Documentation

◆ __construct()

ilRbacReview::__construct ( )

Constructor @access public.

Definition at line 48 of file class.ilRbacReview.php.

49 {
50 global $ilDB,$ilErr,$ilias,$ilLog;
51
52 $this->log =& $ilLog;
53
54 // set db & error handler
55 (isset($ilDB)) ? $this->ilDB =& $ilDB : $this->ilDB =& $ilias->db;
56
57 if (!isset($ilErr))
58 {
59 $ilErr = new ilErrorHandling();
60 $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK,array($ilErr,'errorHandler'));
61 }
62 else
63 {
64 $this->ilErr =& $ilErr;
65 }
66 }
PEAR_ERROR_CALLBACK
const PEAR_ERROR_CALLBACK
Definition: PEAR.php:35
ilDB
Database Wrapper.
Definition: class.ilDB.php:29
ilErrorHandling
Error Handling & global info handling uses PEAR error class.
Definition: class.ilErrorHandling.php:19
if
if(!file_exists(getcwd().'/ilias.ini.php')) if(isset( $_GET["client_id"]))
registration confirmation script for ilias
Definition: confirmReg.php:20
$ilLog
$ilLog
Definition: inc.setup_header.php:132
$ilErr
$ilErr
Definition: inc.setup_header.php:81
$ilDB
global $ilDB
Definition: storeScorm2004.php:19

References $ilDB, $ilErr, $ilLog, if, and PEAR_ERROR_CALLBACK.

Member Function Documentation

◆ __getParentRoles()

ilRbacReview::__getParentRoles (   $a_path,
  $a_templates 
)
protected

Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan.

Get parent roles in a path. If last parameter is set 'true' it delivers also all templates in the path @access protected

Parameters
arrayarray with path_ids
booleantrue for role templates (default: false)
Returns
array array with all parent roles (obj_ids)
Todo:
refactor rolf => DONE

Definition at line 597 of file class.ilRbacReview.php.

598 {
599 if (!isset($a_path) or !is_array($a_path))
600 {
601 $message = get_class($this)."::getParentRoles(): No path given or wrong datatype!";
602 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
603 }
604
605 $parent_roles = array();
606 $role_hierarchy = array();
607
608 foreach($a_path as $ref_id)
609 {
610 $roles = $this->getRoleListByObject($ref_id,$a_templates);
611 foreach($roles as $role)
612 {
613 $id = $role["obj_id"];
614 $role["parent"] = $ref_id;
615 $parent_roles[$id] = $role;
616
617 if (!array_key_exists($role['obj_id'],$role_hierarchy))
618 {
619 $role_hierarchy[$id] = $ref_id;
620 }
621 }
622 }
623 return $this->__setProtectedStatus($parent_roles,$role_hierarchy,reset($a_path));
624 }
ilRbacReview\__setProtectedStatus
__setProtectedStatus($a_parent_roles, $a_role_hierarchy, $a_ref_id)
Set protected status @global type $rbacsystem @global type $ilUser @global type $log.
Definition: class.ilRbacReview.php:1934
ilRbacReview\getRoleListByObject
getRoleListByObject($a_ref_id, $a_templates=false)
Returns a list of roles in an container @access public.
Definition: class.ilRbacReview.php:666
$ref_id
$ref_id
Definition: sahs_server.php:39

References $ref_id, __setProtectedStatus(), and getRoleListByObject().

Referenced by getParentRoleIds().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setProtectedStatus()

ilRbacReview::__setProtectedStatus (   $a_parent_roles,
  $a_role_hierarchy,
  $a_ref_id 
)
protected

Set protected status @global type $rbacsystem @global type $ilUser @global type $log.

Parameters
type$a_parent_roles
type$a_role_hierarchy
type$a_ref_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1934 of file class.ilRbacReview.php.

1935 {
1936 //vd('refId',$a_ref_id,'parent roles',$a_parent_roles,'role-hierarchy',$a_role_hierarchy);
1937
1938 global $rbacsystem,$ilUser,$log;
1939
1940 if (in_array(SYSTEM_ROLE_ID,$this->assignedRoles($ilUser->getId())))
1941 {
1942 $leveladmin = true;
1943 }
1944 else
1945 {
1946 $leveladmin = false;
1947 }
1948 #vd("RoleHierarchy",$a_role_hierarchy);
1949 foreach ($a_role_hierarchy as $role_id => $rolf_id)
1950 {
1951 //$log->write("ilRBACreview::__setProtectedStatus(), 0");
1952 #echo "<br/>ROLF: ".$rolf_id." ROLE_ID: ".$role_id." (".$a_parent_roles[$role_id]['title'].") ";
1953 //var_dump($leveladmin,$a_parent_roles[$role_id]['protected']);
1954
1955 if ($leveladmin == true)
1956 {
1957 $a_parent_roles[$role_id]['protected'] = false;
1958 continue;
1959 }
1960
1961 if ($a_parent_roles[$role_id]['protected'] == true)
1962 {
1963 $arr_lvl_roles_user = array_intersect($this->assignedRoles($ilUser->getId()),array_keys($a_role_hierarchy,$rolf_id));
1964
1965 #vd("intersection",$arr_lvl_roles_user);
1966
1967 foreach ($arr_lvl_roles_user as $lvl_role_id)
1968 {
1969 #echo "<br/>level_role: ".$lvl_role_id;
1970 #echo "<br/>a_ref_id: ".$a_ref_id;
1971
1972 //$log->write("ilRBACreview::__setProtectedStatus(), 1");
1973 // check if role grants 'edit_permission' to parent
1974 $rolf = $a_parent_roles[$role_id]['parent'];
1975 #$parent_obj = $GLOBALS['tree']->getParentId($rolf);
1976 if ($rbacsystem->checkPermission($rolf,$lvl_role_id,'edit_permission'))
1977 {
1978 #echo "<br />Permission granted";
1979 //$log->write("ilRBACreview::__setProtectedStatus(), 2");
1980 // user may change permissions of that higher-ranked role
1981 $a_parent_roles[$role_id]['protected'] = false;
1982
1983 // remember successful check
1984 //$leveladmin = true;
1985 }
1986 }
1987 }
1988 }
1989 return $a_parent_roles;
1990 }
ilRbacReview\assignedRoles
assignedRoles($a_usr_id)
get all assigned roles to a given user @access public
Definition: class.ilRbacReview.php:1030
$ilUser
global $ilUser
Definition: imgupload.php:15

References $ilUser, $log, and assignedRoles().

Referenced by __getParentRoles().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setRoleType()

ilRbacReview::__setRoleType (   $a_role_list)
protected

computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates

@access private

Parameters
arrayrole list
Returns
array role list with additional entry for role_type
Todo:
refactor rolf => DONE

Definition at line 835 of file class.ilRbacReview.php.

836 {
837 foreach ($a_role_list as $key => $val)
838 {
839 // determine role type
840 if ($val["type"] == "rolt")
841 {
842 $a_role_list[$key]["role_type"] = "template";
843 }
844 else
845 {
846 if ($val["assign"] == "y")
847 {
848 if ($val["parent"] == ROLE_FOLDER_ID)
849 {
850 $a_role_list[$key]["role_type"] = "global";
851 }
852 else
853 {
854 $a_role_list[$key]["role_type"] = "local";
855 }
856 }
857 else
858 {
859 $a_role_list[$key]["role_type"] = "linked";
860 }
861 }
862
863 if ($val["protected"] == "y")
864 {
865 $a_role_list[$key]["protected"] = true;
866 }
867 else
868 {
869 $a_role_list[$key]["protected"] = false;
870 }
871 }
872
873 return $a_role_list;
874 }

Referenced by getAssignableRoles(), getRoleListByObject(), getRolesByFilter(), and getRolesForIDs().

+ Here is the caller graph for this function:

◆ __setTemplateFilter()

ilRbacReview::__setTemplateFilter (   $a_templates)
protected

get roles and templates or only roles; returns string for where clause @access private

Parameters
booleantrue: with templates
Returns
string where clause
Todo:
refactor rolf => DONE

Definition at line 807 of file class.ilRbacReview.php.

808 {
809 global $ilDB;
810
811 if ($a_templates === true)
812 {
813 $where = "WHERE ".$ilDB->in('object_data.type',array('role','rolt'),false,'text')." ";
814 }
815 else
816 {
817 $where = "WHERE ".$ilDB->in('object_data.type',array('role'),false,'text')." ";
818 }
819
820 return $where;
821 }

References $ilDB.

Referenced by getAssignableRoles(), getRoleListByObject(), and getRolesForIDs().

+ Here is the caller graph for this function:

◆ _getOperationIdByName()

static ilRbacReview::_getOperationIdByName (   $a_operation)
static

get operation id by name of operation @access public @access static

Parameters
stringoperation name
Returns
integer operation id
Todo:
refactor rolf => DONE

Definition at line 1831 of file class.ilRbacReview.php.

1832 {
1833 global $ilDB,$ilErr;
1834
1835 if (!isset($a_operation))
1836 {
1837 $message = "perm::getOperationId(): No operation given!";
1838 $ilErr->raiseError($message,$ilErr->WARNING);
1839 }
1840
1841 // Cache operation ids
1842 if (! is_array(self::$_opsCache)) {
1843 self::$_opsCache = array();
1844
1845 $q = "SELECT ops_id, operation FROM rbac_operations";
1846 $r = $ilDB->query($q);
1847 while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
1848 {
1849 self::$_opsCache[$row->operation] = $row->ops_id;
1850 }
1851 }
1852
1853 // Get operation ID by name from cache
1854 if (array_key_exists($a_operation, self::$_opsCache)) {
1855 return self::$_opsCache[$a_operation];
1856 }
1857 return null;
1858 }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11

References $ilDB, $ilErr, $row, and DB_FETCHMODE_OBJECT.

Referenced by ilRbacSystem\checkAccessOfUser(), and ilObjBlog\getRolesWithContribute().

+ Here is the caller graph for this function:

◆ _getOperationIdsByName()

static ilRbacReview::_getOperationIdsByName (   $operations)
static

get ops_id's by name.

Example usage: $rbacadmin->grantPermission($roles,ilRbacReview::_getOperationIdsByName(array('visible','read'),$ref_id));

@access public

Parameters
arraystring name of operation. see rbac_operations
Returns
array integer ops_id's
Todo:
refactor rolf => DONE

Definition at line 1803 of file class.ilRbacReview.php.

1804 {
1805 global $ilDB;
1806
1807 if(!count($operations))
1808 {
1809 return array();
1810 }
1811
1812 $query = 'SELECT ops_id FROM rbac_operations '.
1813 'WHERE '.$ilDB->in('operation',$operations,false,'text');
1814
1815 $res = $ilDB->query($query);
1816 while($row = $ilDB->fetchObject($res))
1817 {
1818 $ops_ids[] = $row->ops_id;
1819 }
1820 return $ops_ids ? $ops_ids : array();
1821 }

References $ilDB, $query, $res, and $row.

Referenced by ilUtil\_getObjectsByOperations(), ilLicense\getPotentialAccesses(), and ilECSObjectSettings\handlePermissionUpdate().

+ Here is the caller graph for this function:

◆ _getOperationList()

static ilRbacReview::_getOperationList (   $a_type = null)
static

get operation list by object type @access public @access static

Parameters
stringobject type you want to have the operation list
stringorder column
stringorder direction (possible values: ASC or DESC)
Returns
array returns array of operations
Todo:
refactor rolf => DONE

Definition at line 2002 of file class.ilRbacReview.php.

2003 {
2004 global $ilDB;
2005
2006 $arr = array();
2007
2008 if ($a_type)
2009 {
2010 $query = sprintf('SELECT * FROM rbac_operations '.
2011 'JOIN rbac_ta ON rbac_operations.ops_id = rbac_ta.ops_id '.
2012 'JOIN object_data ON rbac_ta.typ_id = object_data.obj_id '.
2013 'WHERE object_data.title = %s '.
2014 'AND object_data.type = %s '.
2015 'ORDER BY op_order ASC',
2016 $ilDB->quote($a_type,'text'),
2017 $ilDB->quote('typ','text'));
2018 }
2019 else
2020 {
2021 $query = 'SELECT * FROM rbac_operations ORDER BY op_order ASC';
2022 }
2023 $res = $ilDB->query($query);
2024 while ($row = $ilDB->fetchAssoc($res))
2025 {
2026 $arr[] = array(
2027 "ops_id" => $row['ops_id'],
2028 "operation" => $row['operation'],
2029 "desc" => $row['description'],
2030 "class" => $row['class'],
2031 "order" => $row['op_order']
2032 );
2033 }
2034 return $arr;
2035 }

References $ilDB, $query, $res, and $row.

Referenced by ilObjTypeDefinitionGUI\editObject(), ilObjectPermissionStatusGUI\getAccessPermissionTableData(), ilObjectPermissionStatusGUI\getAssignedValidRoles(), ilObjRoleTemplateGUI\permObject(), and ilObjTypeDefinitionGUI\viewObject().

+ Here is the caller graph for this function:

◆ _groupOperationsByClass()

static ilRbacReview::_groupOperationsByClass (   $a_ops_arr)
static
Parameters
type$a_ops_arr
Returns
type
Todo:
refactor rolf => DONE

Definition at line 2043 of file class.ilRbacReview.php.

2044 {
2045 $arr = array();
2046
2047 foreach ($a_ops_arr as $ops)
2048 {
2049 $arr[$ops['class']][] = array ('ops_id' => $ops['ops_id'],
2050 'name' => $ops['operation']
2051 );
2052 }
2053 return $arr;
2054 }

◆ assignedGlobalRoles()

ilRbacReview::assignedGlobalRoles (   $a_usr_id)

Get assigned global roles for an user.

Parameters
int$a_usr_idId of user account
Todo:
refactor rolf => DONE

Definition at line 1051 of file class.ilRbacReview.php.

1052 {
1053 global $ilDB;
1054
1055 $query = "SELECT ua.rol_id FROM rbac_ua ua ".
1056 "JOIN rbac_fa fa ON ua.rol_id = fa.rol_id ".
1057 "WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer').' '.
1058 "AND parent = ".$ilDB->quote(ROLE_FOLDER_ID)." ".
1059 "AND assign = 'y' ";
1060
1061 $res = $ilDB->query($query);
1062 while($row = $ilDB->fetchObject($res))
1063 {
1064 $role_arr[] = $row->rol_id;
1065 }
1066 return $role_arr ? $role_arr : array();
1067 }

References $ilDB, $query, $res, and $row.

◆ assignedRoles()

ilRbacReview::assignedRoles (   $a_usr_id)

get all assigned roles to a given user @access public

Parameters
integerusr_id
Returns
array all roles (id) the user have
Todo:
refactor rolf => DONE

Definition at line 1030 of file class.ilRbacReview.php.

1031 {
1032 global $ilDB;
1033
1034 $role_arr = array();
1035
1036 $query = "SELECT rol_id FROM rbac_ua WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer');
1037
1038 $res = $ilDB->query($query);
1039 while($row = $ilDB->fetchObject($res))
1040 {
1041 $role_arr[] = $row->rol_id;
1042 }
1043 return $role_arr ? $role_arr : array();
1044 }

References $ilDB, $query, $res, and $row.

Referenced by __setProtectedStatus(), and getRolesByFilter().

+ Here is the caller graph for this function:

◆ assignedUsers()

ilRbacReview::assignedUsers (   $a_rol_id,
  $a_fields = NULL 
)

get all assigned users to a given role @access public

Parameters
integerrole_id
arraycolumns to get form usr_data table (optional)
Returns
array all users (id) assigned to role OR arrays of user datas
Todo:
refactor rolf => (check result buffering)

Definition at line 904 of file class.ilRbacReview.php.

905 {
906 global $ilBench,$ilDB;
907
908 $ilBench->start("RBAC", "review_assignedUsers");
909
910 if (!isset($a_rol_id))
911 {
912 $message = get_class($this)."::assignedUsers(): No role_id given!";
913 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
914 }
915 if (! $a_fields AND isset(self::$assigned_users_cache[$a_rol_id])) {
916 return self::$assigned_users_cache[$a_rol_id];
917 }
918
919 $result_arr = array();
920
921 if ($a_fields !== NULL and is_array($a_fields))
922 {
923 if (count($a_fields) == 0)
924 {
925 $select = "*";
926 }
927 else
928 {
929 if (($usr_id_field = array_search("usr_id",$a_fields)) !== false)
930 unset($a_fields[$usr_id_field]);
931
932 $select = implode(",",$a_fields).",usr_data.usr_id";
933 $select = addslashes($select);
934 }
935
936 $ilDB->enableResultBuffering(false);
937 $query = "SELECT ".$select." FROM usr_data ".
938 "LEFT JOIN rbac_ua ON usr_data.usr_id = rbac_ua.usr_id ".
939 "WHERE rbac_ua.rol_id =".$ilDB->quote($a_rol_id,'integer');
940 $res = $ilDB->query($query);
941 while($row = $ilDB->fetchAssoc($res))
942 {
943 $result_arr[] = $row;
944 }
945 $ilDB->enableResultBuffering(true);
946 }
947 else
948 {
949 $ilDB->enableResultBuffering(false);
950 $query = "SELECT usr_id FROM rbac_ua WHERE rol_id= ".$ilDB->quote($a_rol_id,'integer');
951
952 $res = $ilDB->query($query);
953 while($row = $ilDB->fetchAssoc($res))
954 {
955 array_push($result_arr,$row["usr_id"]);
956 }
957 $ilDB->enableResultBuffering(true);
958 }
959
960 $ilBench->stop("RBAC", "review_assignedUsers");
961
962 if (! $a_fields) {
963 self::$assigned_users_cache[$a_rol_id] = $result_arr;
964 }
965
966 return $result_arr;
967 }
$ilBench
global $ilBench
Definition: ilias.php:18

References $ilBench, $ilDB, $query, $res, and $row.

◆ clearCaches()

ilRbacReview::clearCaches ( )

Clear assigned users caches.

Definition at line 2337 of file class.ilRbacReview.php.

2338 {
2339 self::$is_assigned_cache = array();
2340 self::$assigned_users_cache = array();
2341 }

◆ getActiveOperationsOfRole()

ilRbacReview::getActiveOperationsOfRole (   $a_ref_id,
  $a_role_id 
)

Get active operations for a role.

Parameters
object$a_ref_id
object$a_role_id
Returns
Todo:
refactor rolf => DONE

Definition at line 1419 of file class.ilRbacReview.php.

1420 {
1421 global $ilDB;
1422
1423 $query = 'SELECT * FROM rbac_pa '.
1424 'WHERE ref_id = '.$ilDB->quote($a_ref_id,'integer').' '.
1425 'AND rol_id = '.$ilDB->quote($a_role_id,'integer').' ';
1426
1427 $res = $ilDB->query($query);
1428 while($row = $res->fetchRow(DB_FETCHMODE_ASSOC))
1429 {
1430 return unserialize($row['ops_id']);
1431 }
1432 return array();
1433 }
DB_FETCHMODE_ASSOC
const DB_FETCHMODE_ASSOC
Definition: class.ilDB.php:10

References $ilDB, $query, $res, $row, and DB_FETCHMODE_ASSOC.

◆ getAllOperationsOfRole()

ilRbacReview::getAllOperationsOfRole (   $a_rol_id,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public

Parameters
integerrole_id
integerrole folder id
Returns
array array of operation_id and types
Todo:
refactor rolf => DONE

Definition at line 1390 of file class.ilRbacReview.php.

1391 {
1392 global $ilDB;
1393
1394 if(!$a_parent)
1395 {
1396 $a_parent = ROLE_FOLDER_ID;
1397 }
1398
1399 $query = "SELECT ops_id,type FROM rbac_templates ".
1400 "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
1401 "AND parent = ".$ilDB->quote($a_parent,'integer');
1402 $res = $ilDB->query($query);
1403
1404 $ops_arr = array();
1405 while ($row = $ilDB->fetchObject($res))
1406 {
1407 $ops_arr[$row->type][] = $row->ops_id;
1408 }
1409 return (array) $ops_arr;
1410 }

References $ilDB, $query, $res, and $row.

◆ getAssignableChildRoles()

ilRbacReview::getAssignableChildRoles (   $a_ref_id)

Get all assignable roles directly under a specific node @access public.

Parameters
ref_id
Returns
array set ids
Todo:
refactor rolf => Find a better name; reduce sql fields

Definition at line 781 of file class.ilRbacReview.php.

782 {
783 global $ilDB;
784
785 $query = "SELECT fa.*, rd.* ".
786 "FROM object_data rd ".
787 "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id ".
788 "WHERE fa.assign = 'y' ".
789 "AND fa.parent = ".$this->ilDB->quote($a_ref_id,'integer')." "
790 ;
791
792 $res = $ilDB->query($query);
793 while($row = $ilDB->fetchAssoc($res))
794 {
795 $roles_data[] = $row;
796 }
797 return $roles_data ? $roles_data : array();
798 }

References $ilDB, $query, $res, and $row.

◆ getAssignableRoles()

ilRbacReview::getAssignableRoles (   $a_templates = false,
  $a_internal_roles = false,
  $title_filter = '' 
)

Returns a list of all assignable roles @access public.

Parameters
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 708 of file class.ilRbacReview.php.

709 {
710 global $ilDB;
711
712 $role_list = array();
713
714 $where = $this->__setTemplateFilter($a_templates);
715
716 $query = "SELECT * FROM object_data ".
717 "JOIN rbac_fa ON obj_id = rol_id ".
718 $where.
719 "AND rbac_fa.assign = 'y' ";
720
721 if(strlen($title_filter))
722 {
723 $query .= (' AND '.$ilDB->like(
724 'title',
725 'text',
726 $title_filter.'%'
727 ));
728 }
729 $res = $ilDB->query($query);
730
731 while ($row = $ilDB->fetchAssoc($res))
732 {
733 $row["desc"] = $row["description"];
734 $row["user_id"] = $row["owner"];
735 $role_list[] = $row;
736 }
737
738 $role_list = $this->__setRoleType($role_list);
739
740 return $role_list;
741 }
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:835
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause @access private
Definition: class.ilRbacReview.php:807

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by getRolesByFilter().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getAssignableRolesInSubtree()

ilRbacReview::getAssignableRolesInSubtree (   $ref_id)

Returns a list of assignable roles in a subtree of the repository @access public.

Parameters
ref_idRoot node of subtree
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 750 of file class.ilRbacReview.php.

751 {
752 global $ilDB;
753
754 $query = 'SELECT rol_id FROM rbac_fa fa '.
755 'JOIN tree t1 ON t1.child = fa.parent '.
756 'JOIN object_data obd ON fa.rol_id = obd.obj_id ' .
757 'WHERE assign = '.$ilDB->quote('y','text').' '.
758 'AND obd.type = '.$ilDB->quote('role','text').' '.
759 'AND t1.child IN ('.
760 $GLOBALS['tree']->getSubTreeQuery($ref_id,array('child')).' '.
761 ') ';
762
763
764 $res = $ilDB->query($query);
765
766 $role_list = array();
767 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
768 {
769 $role_list[] = $row->rol_id;
770 }
771 return $role_list;
772 }
$GLOBALS
$GLOBALS['ct_recipient']
Definition: example_form.ajax.php:4

References $GLOBALS, $ilDB, $query, $ref_id, $res, $row, and DB_FETCHMODE_OBJECT.

◆ getAssignedCacheEntry()

ilRbacReview::getAssignedCacheEntry (   $a_role_id,
  $a_user_id 
)

get entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id

Definition at line 2329 of file class.ilRbacReview.php.

2330 {
2331 return self::$is_assigned_cache[$a_role_id][$a_user_id];
2332 }

◆ getFoldersAssignedToRole()

ilRbacReview::getFoldersAssignedToRole (   $a_rol_id,
  $a_assignable = false 
)

Returns an array of objects assigned to a role.

A role with stopped inheritance may be assigned to more than one objects. To get only the original location of a role, set the second parameter to true

@access public

Parameters
integerrole id
booleanget only rolefolders where role is assignable (true)
Returns
array reference IDs of role folders
Todo:
refactor rolf => RENAME (rest done)

Definition at line 1132 of file class.ilRbacReview.php.

1133 {
1134 global $ilDB;
1135
1136 if (!isset($a_rol_id))
1137 {
1138 $message = get_class($this)."::getFoldersAssignedToRole(): No role_id given!";
1139 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1140 }
1141
1142 if ($a_assignable)
1143 {
1144 $where = " AND assign ='y'";
1145 }
1146
1147 $query = "SELECT DISTINCT parent FROM rbac_fa ".
1148 "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".$where." ";
1149
1150 $res = $ilDB->query($query);
1151 while($row = $ilDB->fetchObject($res))
1152 {
1153 $folders[] = $row->parent;
1154 }
1155 return $folders ? $folders : array();
1156 }

References $ilDB, $query, $res, and $row.

Referenced by isRoleDeleted().

+ Here is the caller graph for this function:

◆ getGlobalAssignableRoles()

ilRbacReview::getGlobalAssignableRoles ( )

get only 'global' roles (with flag 'assign_users') @access public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 1306 of file class.ilRbacReview.php.

1307 {
1308 include_once './Services/AccessControl/classes/class.ilObjRole.php';
1309
1310 foreach($this->getGlobalRoles() as $role_id)
1311 {
1312 if(ilObjRole::_getAssignUsersStatus($role_id))
1313 {
1314 $ga[] = array('obj_id' => $role_id,
1315 'role_type' => 'global');
1316 }
1317 }
1318 return $ga ? $ga : array();
1319 }
ilObjRole\_getAssignUsersStatus
_getAssignUsersStatus($a_role_id)
Definition: class.ilObjRole.php:141
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only 'global' roles @access public
Definition: class.ilRbacReview.php:1244

References ilObjRole\_getAssignUsersStatus(), and getGlobalRoles().

+ Here is the call graph for this function:

◆ getGlobalRoles()

ilRbacReview::getGlobalRoles ( )

get only 'global' roles @access public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 1244 of file class.ilRbacReview.php.

1245 {
1246 return $this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false);
1247 }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:1205

References getRolesOfRoleFolder().

Referenced by getGlobalAssignableRoles(), getRolesByFilter(), and isGlobalRole().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getGlobalRolesArray()

ilRbacReview::getGlobalRolesArray ( )

get only 'global' roles @access public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 1290 of file class.ilRbacReview.php.

1291 {
1292 foreach($this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false) as $role_id)
1293 {
1294 $ga[] = array('obj_id' => $role_id,
1295 'role_type' => 'global');
1296 }
1297 return $ga ? $ga : array();
1298 }

References getRolesOfRoleFolder().

+ Here is the call graph for this function:

◆ getLocalPolicies()

ilRbacReview::getLocalPolicies (   $a_ref_id)

Get all roles with local policies.

Parameters
type$a_ref_id
Returns
type

Definition at line 1274 of file class.ilRbacReview.php.

1275 {
1276 $lroles = array();
1277 foreach($this->getRolesOfRoleFolder($a_ref_id) as $role_id)
1278 {
1279 $lroles[] = $role_id;
1280 }
1281 return $lroles;
1282 }

References getRolesOfRoleFolder().

+ Here is the call graph for this function:

◆ getLocalRoles()

ilRbacReview::getLocalRoles (   $a_ref_id)

Get local roles of object.

Parameters
int$a_ref_id
Todo:
refactor rolf => DONE

Definition at line 1254 of file class.ilRbacReview.php.

1255 {
1256 global $ilDB;
1257
1258 $lroles = array();
1259 foreach($this->getRolesOfRoleFolder($a_ref_id) as $role_id)
1260 {
1261 if($this->isAssignable($role_id, $a_ref_id))
1262 {
1263 $lroles[] = $role_id;
1264 }
1265 }
1266 return $lroles;
1267 }
ilRbacReview\isAssignable
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users @access public.
Definition: class.ilRbacReview.php:1077

References $ilDB, getRolesOfRoleFolder(), and isAssignable().

+ Here is the call graph for this function:

◆ getNumberOfAssignedUsers()

ilRbacReview::getNumberOfAssignedUsers ( Array  $a_roles)

Get the number of assigned users to roles @global ilDB $ilDB.

Parameters
array$a_roles
Returns
int
Todo:
refactor rolf => DONE

Definition at line 883 of file class.ilRbacReview.php.

884 {
885 global $ilDB;
886
887 $query = 'SELECT COUNT(DISTINCT(usr_id)) as num FROM rbac_ua '.
888 'WHERE '.$ilDB->in('rol_id', $a_roles, false, 'integer').' ';
889
890 $res = $ilDB->query($query);
891 $row = $res->fetchRow(DB_FETCHMODE_OBJECT);
892 return $row->num ? $row->num : 0;
893 }

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

◆ getObjectOfRole()

ilRbacReview::getObjectOfRole (   $a_role_id)

Get object id of objects a role is assigned to.

Todo:
refactor rolf (due to performance reasons the new version does not check for deleted roles only in object reference)

@access public

Parameters
introle id

Definition at line 2065 of file class.ilRbacReview.php.

2066 {
2067 // internal cache
2068 static $obj_cache = array();
2069
2070 global $ilDB;
2071
2072
2073 if(isset($obj_cache[$a_role_id]) and $obj_cache[$a_role_id])
2074 {
2075 return $obj_cache[$a_role_id];
2076 }
2077
2078 $query = 'SELECT obr.obj_id FROM rbac_fa rfa '.
2079 'JOIN object_reference obr ON rfa.parent = obr.ref_id '.
2080 'WHERE assign = '.$ilDB->quote('y','text'). ' '.
2081 'AND rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
2082 'AND deleted IS NULL';
2083
2084 #$query = "SELECT obr.obj_id FROM rbac_fa rfa ".
2085 # "JOIN tree ON rfa.parent = tree.child ".
2086 # "JOIN object_reference obr ON tree.parent = obr.ref_id ".
2087 # "WHERE tree.tree = 1 ".
2088 # "AND assign = 'y' ".
2089 # "AND rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
2090 $res = $ilDB->query($query);
2091
2092 $obj_cache[$a_role_id] = 0;
2093 while($row = $ilDB->fetchObject($res))
2094 {
2095 $obj_cache[$a_role_id] = $row->obj_id;
2096 }
2097 return $obj_cache[$a_role_id];
2098 }

References $ilDB, $query, $res, and $row.

Referenced by ilObjUserGUI\roleassignmentObject().

+ Here is the caller graph for this function:

◆ getObjectReferenceOfRole()

ilRbacReview::getObjectReferenceOfRole (   $a_role_id)

Get reference of role.

Parameters
object$a_role_id
Returns
int
Todo:
refactor rolf (no deleted check)

Definition at line 2106 of file class.ilRbacReview.php.

2107 {
2108 global $ilDB;
2109
2110 $query = 'SELECT parent role_ref FROM rbac_fa '.
2111 'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
2112 'AND assign = '.$ilDB->quote('y','text');
2113
2114 $res = $ilDB->query($query);
2115 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
2116 {
2117 return $row->role_ref;
2118 }
2119 return 0;
2120 }

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

◆ getObjectsWithStopedInheritance()

ilRbacReview::getObjectsWithStopedInheritance (   $a_rol_id,
  $a_filter = array() 
)

get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder.

@access public

Parameters
integerrole_id
arrayfilter ref_ids
Returns
array with ref_ids of objects
Todo:
refactor rolf => DONE

Definition at line 1609 of file class.ilRbacReview.php.

1610 {
1611 global $ilDB;
1612
1613 #$query = 'SELECT t.parent p FROM tree t JOIN rbac_fa fa ON fa.parent = child '.
1614 # 'WHERE assign = '.$ilDB->quote('n','text').' '.
1615 # 'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1616
1617 $query = 'SELECT parent p FROM rbac_fa '.
1618 'WHERE assign = '.$ilDB->quote('n','text').' '.
1619 'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1620
1621 if($a_filter)
1622 {
1623 $query .= ('AND '.$ilDB->in('parent',(array) $a_filter,false,'integer'));
1624 }
1625
1626 $res = $ilDB->query($query);
1627 $parent = array();
1628 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1629 {
1630 $parent[] = $row->p;
1631 }
1632 return $parent;
1633 }

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

◆ getOperation()

ilRbacReview::getOperation (   $ops_id)

get one operation by operation id @access public

Returns
array data of operation_id
Todo:
refactor rolf => DONE

Definition at line 1365 of file class.ilRbacReview.php.

1366 {
1367 global $ilDB;
1368
1369 $query = 'SELECT * FROM rbac_operations WHERE ops_id = '.$ilDB->quote($ops_id,'integer');
1370 $res = $this->ilDB->query($query);
1371 while($row = $ilDB->fetchObject($res))
1372 {
1373 $ops = array('ops_id' => $row->ops_id,
1374 'operation' => $row->operation,
1375 'description' => $row->description);
1376 }
1377
1378 return $ops ? $ops : array();
1379 }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1393

References $ilDB, $query, $res, $row, and ilDB\query().

+ Here is the call graph for this function:

◆ getOperationAssignment()

ilRbacReview::getOperationAssignment ( )

get operation assignments

Returns
array array(array('typ_id' => $typ_id,'title' => $title,'ops_id => '$ops_is,'operation' => $operation),...
Todo:
refactor rolf => DONE

Definition at line 2186 of file class.ilRbacReview.php.

2187 {
2188 global $ilDB;
2189
2190 $query = 'SELECT ta.typ_id, obj.title, ops.ops_id, ops.operation FROM rbac_ta ta '.
2191 'JOIN object_data obj ON obj.obj_id = ta.typ_id '.
2192 'JOIN rbac_operations ops ON ops.ops_id = ta.ops_id ';
2193 $res = $ilDB->query($query);
2194
2195 $counter = 0;
2196 while($row = $ilDB->fetchObject($res))
2197 {
2198 $info[$counter]['typ_id'] = $row->typ_id;
2199 $info[$counter]['type'] = $row->title;
2200 $info[$counter]['ops_id'] = $row->ops_id;
2201 $info[$counter]['operation'] = $row->operation;
2202 $counter++;
2203 }
2204 return $info ? $info : array();
2205
2206 }

References $ilDB, $query, $res, and $row.

◆ getOperations()

ilRbacReview::getOperations ( )

get all possible operations @access public

Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 1343 of file class.ilRbacReview.php.

1344 {
1345 global $ilDB;
1346
1347 $query = 'SELECT * FROM rbac_operations ORDER BY ops_id ';
1348 $res = $this->ilDB->query($query);
1349 while($row = $ilDB->fetchObject($res))
1350 {
1351 $ops[] = array('ops_id' => $row->ops_id,
1352 'operation' => $row->operation,
1353 'description' => $row->description);
1354 }
1355
1356 return $ops ? $ops : array();
1357 }

References $ilDB, $query, $res, $row, and ilDB\query().

+ Here is the call graph for this function:

◆ getOperationsByTypeAndClass()

ilRbacReview::getOperationsByTypeAndClass (   $a_type,
  $a_class 
)

Get operations by type and class.

Parameters
string$a_typeType is "object" or
string$a_class
Returns
Todo:
refactor rolf => DONE

Definition at line 1568 of file class.ilRbacReview.php.

1569 {
1570 global $ilDB;
1571
1572 if($a_class != 'create')
1573 {
1574 $condition = "AND class != ".$ilDB->quote('create','text');
1575 }
1576 else
1577 {
1578 $condition = "AND class = ".$ilDB->quote('create','text');
1579 }
1580
1581 $query = "SELECT ro.ops_id FROM rbac_operations ro ".
1582 "JOIN rbac_ta rt ON ro.ops_id = rt.ops_id ".
1583 "JOIN object_data od ON rt.typ_id = od.obj_id ".
1584 "WHERE type = ".$ilDB->quote('typ','text')." ".
1585 "AND title = ".$ilDB->quote($a_type,'text')." ".
1586 $condition." ".
1587 "ORDER BY op_order ";
1588
1589 $res = $ilDB->query($query);
1590
1591 $ops = array();
1592 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1593 {
1594 $ops[] = $row->ops_id;
1595 }
1596 return $ops;
1597 }

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

◆ getOperationsOfRole()

ilRbacReview::getOperationsOfRole (   $a_rol_id,
  $a_type,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public

Parameters
integerrole_id
stringobject type
integerrole folder id
Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 1446 of file class.ilRbacReview.php.

1447 {
1448 global $ilDB,$ilLog;
1449
1450 if (!isset($a_rol_id) or !isset($a_type))
1451 {
1452 $message = get_class($this)."::getOperationsOfRole(): Missing Parameter!".
1453 "role_id: ".$a_rol_id.
1454 "type: ".$a_type.
1455 "parent_id: ".$a_parent;
1456 $ilLog->logStack("Missing parameter! ");
1457 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1458 }
1459
1460 $ops_arr = array();
1461
1462 // if no rolefolder id is given, assume global role folder as target
1463 if ($a_parent == 0)
1464 {
1465 $a_parent = ROLE_FOLDER_ID;
1466 }
1467
1468 $query = "SELECT ops_id FROM rbac_templates ".
1469 "WHERE type =".$ilDB->quote($a_type,'text')." ".
1470 "AND rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
1471 "AND parent = ".$ilDB->quote($a_parent,'integer');
1472 $res = $ilDB->query($query);
1473 while ($row = $ilDB->fetchObject($res))
1474 {
1475 $ops_arr[] = $row->ops_id;
1476 }
1477
1478 return $ops_arr;
1479 }

References $ilDB, $ilLog, $query, $res, and $row.

◆ getOperationsOnType()

ilRbacReview::getOperationsOnType (   $a_typ_id)

all possible operations of a type @access public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 1512 of file class.ilRbacReview.php.

1513 {
1514 global $ilDB;
1515
1516 if (!isset($a_typ_id))
1517 {
1518 $message = get_class($this)."::getOperationsOnType(): No type_id given!";
1519 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1520 }
1521
1522 #$query = "SELECT * FROM rbac_ta WHERE typ_id = ".$ilDB->quote($a_typ_id,'integer');
1523
1524 $query = 'SELECT * FROM rbac_ta ta JOIN rbac_operations o ON ta.ops_id = o.ops_id '.
1525 'WHERE typ_id = '.$ilDB->quote($a_typ_id,'integer').' '.
1526 'ORDER BY op_order';
1527
1528 $res = $ilDB->query($query);
1529
1530 while($row = $ilDB->fetchObject($res))
1531 {
1532 $ops_id[] = $row->ops_id;
1533 }
1534
1535 return $ops_id ? $ops_id : array();
1536 }

References $ilDB, $query, $res, and $row.

Referenced by getOperationsOnTypeString().

+ Here is the caller graph for this function:

◆ getOperationsOnTypeString()

ilRbacReview::getOperationsOnTypeString (   $a_type)

all possible operations of a type @access public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 1546 of file class.ilRbacReview.php.

1547 {
1548 global $ilDB;
1549
1550 $query = "SELECT * FROM object_data WHERE type = 'typ' AND title = ".$ilDB->quote($a_type ,'text')." ";
1551
1552
1553 $res = $this->ilDB->query($query);
1554 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1555 {
1556 return $this->getOperationsOnType($row->obj_id);
1557 }
1558 return false;
1559 }
ilRbacReview\getOperationsOnType
getOperationsOnType($a_typ_id)
all possible operations of a type @access public
Definition: class.ilRbacReview.php:1512

References $ilDB, $query, $res, $row, DB_FETCHMODE_OBJECT, getOperationsOnType(), and ilDB\query().

+ Here is the call graph for this function:

◆ getParentRoleIds()

ilRbacReview::getParentRoleIds (   $a_endnode_id,
  $a_templates = false 
)

get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates @access public

Parameters
integerref_id of an object which is end node
booleantrue for role templates (default: false)
Returns
array array(role_ids => role_data)
Todo:
refactor rolf => DONE

Definition at line 635 of file class.ilRbacReview.php.

636 {
637 global $tree;
638
639 if (!isset($a_endnode_id))
640 {
641 $GLOBALS['ilLog']->logStack();
642 $message = get_class($this)."::getParentRoleIds(): No node_id (ref_id) given!";
643 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
644 }
645
646 //var_dump($a_endnode_id);exit;
647 //$log->write("ilRBACreview::getParentRoleIds(), 0");
648 $pathIds = $tree->getPathId($a_endnode_id);
649
650 // add system folder since it may not in the path
651 //$pathIds[0] = SYSTEM_FOLDER_ID;
652 $pathIds[0] = ROLE_FOLDER_ID;
653 //$log->write("ilRBACreview::getParentRoleIds(), 1");
654 #return $this->getParentRoles($a_endnode_id,$a_templates,$a_keep_protected);
655 return $this->__getParentRoles($pathIds,$a_templates);
656 }
ilRbacReview\__getParentRoles
__getParentRoles($a_path, $a_templates)
Note: This function performs faster than the new getParentRoles function, because it uses database in...
Definition: class.ilRbacReview.php:597

References $GLOBALS, and __getParentRoles().

+ Here is the call graph for this function:

◆ getRoleFolderOfRole()

ilRbacReview::getRoleFolderOfRole (   $a_role_id)

Get role folder of role @global ilDB $ilDB.

Parameters
int$a_role_id
Returns
int
Todo:
refactor rolf => RENAME

Definition at line 2252 of file class.ilRbacReview.php.

2253 {
2254 global $ilDB;
2255
2256 if(ilObject::_lookupType($a_role_id) == 'role')
2257 {
2258 $and = ('AND assign = '.$ilDB->quote('y','text'));
2259 }
2260 else
2261 {
2262 $and = '';
2263 }
2264
2265 $query = 'SELECT * FROM rbac_fa '.
2266 'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
2267 $and;
2268 $res = $ilDB->query($query);
2269 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
2270 {
2271 return $row->parent;
2272 }
2273 return 0;
2274 }
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1183

References $ilDB, $query, $res, $row, ilObject\_lookupType(), and DB_FETCHMODE_OBJECT.

+ Here is the call graph for this function:

◆ getRoleListByObject()

ilRbacReview::getRoleListByObject (   $a_ref_id,
  $a_templates = false 
)

Returns a list of roles in an container @access public.

Parameters
integerref_id of object
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 666 of file class.ilRbacReview.php.

667 {
668 global $ilDB;
669
670 if (!isset($a_ref_id) or !isset($a_templates))
671 {
672 $message = get_class($this)."::getRoleListByObject(): Missing parameter!".
673 "ref_id: ".$a_ref_id.
674 "tpl_flag: ".$a_templates;
675 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
676 }
677
678 $role_list = array();
679
680 $where = $this->__setTemplateFilter($a_templates);
681
682 $query = "SELECT * FROM object_data ".
683 "JOIN rbac_fa ON obj_id = rol_id ".
684 $where.
685 "AND object_data.obj_id = rbac_fa.rol_id ".
686 "AND rbac_fa.parent = ".$ilDB->quote($a_ref_id,'integer')." ";
687
688 $res = $ilDB->query($query);
689 while ($row = $ilDB->fetchAssoc($res))
690 {
691 $row["desc"] = $row["description"];
692 $row["user_id"] = $row["owner"];
693 $role_list[] = $row;
694 }
695
696 $role_list = $this->__setRoleType($role_list);
697
698 return $role_list;
699 }

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by __getParentRoles().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getRoleMailboxAddress()

ilRbacReview::getRoleMailboxAddress (   $a_role_id,
  $is_localize = true 
) 
Returns the mailbox address of a role.

Example 1: Mailbox address for an ILIAS reserved role name

The il_crs_member_345 role of the course object "English Course 1" is returned as one of the following mailbox addresses:

a) Course Member <#member@[English Course 1]> b) Course Member <#il_crs_member_345@[English Course 1]> c) Course Member <#il_crs_member_345>

Address a) is returned, if the title of the object is unique, and if there is only one local role with the substring "member" defined for the object.

Address b) is returned, if the title of the object is unique, but there is more than one local role with the substring "member" in its title.

Address c) is returned, if the title of the course object is not unique.

Example 2: Mailbox address for a manually defined role name

The "Admin" role of the category object "Courses" is returned as one of the following mailbox addresses:

a) Course Administrator <#Admin@Courses> b) Course Administrator <#Admin> c) Course Adminstrator <#il_role_34211> 

Address a) is returned, if the title of the object is unique, and
if there is only one local role with the substring "Admin" defined for
the course object.

Address b) is returned, if the title of the object is not unique, but

the role title is unique.

Address c) is returned, if neither the role title nor the title of the course object is unique.

Example 3: Mailbox address for a manually defined role title that can
       contains special characters in the local-part of a 
       mailbox address

The "Author Courses" role of the category object "Courses" is returned as one of the following mailbox addresses:

a) "#Author Courses"@Courses b) Author Courses <#il_role_34234> 

Address a) is returned, if the title of the role is unique.

Address b) is returned, if neither the role title nor the title of the course object is unique, or if the role title contains a quote or a backslash.

@param int a role id
@param boolean is_localize whether mailbox addresses should be localized
@return     String mailbox address or null, if role does not exist.
@todo refactor rolf

Definition at line 336 of file class.ilRbacReview.php.

337 {
338 global $log, $lng,$ilDB;
339
340 include_once "Services/Mail/classes/class.ilMail.php";
341 if (ilMail::_usePearMail())
342 {
343 // Retrieve the role title and the object title.
344 $query = "SELECT rdat.title role_title,odat.title object_title, ".
345 " oref.ref_id object_ref ".
346 "FROM object_data rdat ".
347 "JOIN rbac_fa fa ON fa.rol_id = rdat.obj_id ".
348 "JOIN tree rtree ON rtree.child = fa.parent ".
349 "JOIN object_reference oref ON oref.ref_id = rtree.child ".
350 "JOIN object_data odat ON odat.obj_id = oref.obj_id ".
351 "WHERE rdat.obj_id = ".$this->ilDB->quote($a_role_id,'integer')." ".
352 "AND fa.assign = 'y' ";
353 $r = $ilDB->query($query);
354 if (!$row = $ilDB->fetchObject($r))
355 {
356 //$log->write('class.ilRbacReview->getMailboxAddress('.$a_role_id.'): error role does not exist');
357 return null; // role does not exist
358 }
359 $object_title = $row->object_title;
360 $object_ref = $row->object_ref;
361 $role_title = $row->role_title;
362
363
364 // In a perfect world, we could use the object_title in the
365 // domain part of the mailbox address, and the role title
366 // with prefix '#' in the local part of the mailbox address.
367 $domain = $object_title;
368 $local_part = $role_title;
369
370
371 // Determine if the object title is unique
372 $q = "SELECT COUNT(DISTINCT dat.obj_id) count ".
373 "FROM object_data dat ".
374 "JOIN object_reference ref ON ref.obj_id = dat.obj_id ".
375 "JOIN tree ON tree.child = ref.ref_id ".
376 "WHERE title = ".$this->ilDB->quote($object_title,'text')." ".
377 "AND tree.tree = 1 ";
378 $r = $this->ilDB->query($q);
379 $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
380
381 // If the object title is not unique, we get rid of the domain.
382 if ($row->count > 1)
383 {
384 $domain = null;
385 }
386
387 // If the domain contains illegal characters, we get rid of it.
388 //if (domain != null && preg_match('/[\[\]\\]|[\x00-\x1f]/',$domain))
389 // Fix for Mantis Bug: 7429 sending mail fails because of brakets
390 // Fix for Mantis Bug: 9978 sending mail fails because of semicolon
391 if ($domain != null && preg_match('/[\[\]\\]|[\x00-\x1f]|[\x28-\x29]|[;]/',$domain))
392 {
393 $domain = null;
394 }
395
396 // If the domain contains special characters, we put square
397 // brackets around it.
398 if ($domain != null &&
399 (preg_match('/[()<>@,;:\\".\[\]]/',$domain) ||
400 preg_match('/[^\x21-\x8f]/',$domain))
401 )
402 {
403 $domain = '['.$domain.']';
404 }
405
406 // If the role title is one of the ILIAS reserved role titles,
407 // we can use a shorthand version of it for the local part
408 // of the mailbox address.
409 if (strpos($role_title, 'il_') === 0 && $domain != null)
410 {
411 $unambiguous_role_title = $role_title;
412
413 $pos = strpos($role_title, '_', 3) + 1;
414 $local_part = substr(
415 $role_title,
416 $pos,
417 strrpos($role_title, '_') - $pos
418 );
419 }
420 else
421 {
422 $unambiguous_role_title = 'il_role_'.$a_role_id;
423 }
424
425 // Determine if the local part is unique. If we don't have a
426 // domain, the local part must be unique within the whole repositry.
427 // If we do have a domain, the local part must be unique for that
428 // domain.
429 if ($domain == null)
430 {
431 $q = "SELECT COUNT(DISTINCT dat.obj_id) count ".
432 "FROM object_data dat ".
433 "JOIN object_reference ref ON ref.obj_id = dat.obj_id ".
434 "JOIN tree ON tree.child = ref.ref_id ".
435 "WHERE title = ".$this->ilDB->quote($local_part,'text')." ".
436 "AND tree.tree = 1 ";
437 }
438 else
439 {
440 $q = "SELECT COUNT(rd.obj_id) count ".
441 "FROM object_data rd ".
442 "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id ".
443 "JOIN tree t ON t.child = fa.parent ".
444 "WHERE fa.assign = 'y' ".
445 "AND t.child = ".$this->ilDB->quote($object_ref,'integer')." ".
446 "AND rd.title LIKE ".$this->ilDB->quote(
447 '%'.preg_replace('/([_%])/','\\\\$1', $local_part).'%','text')." ";
448 }
449
450 $r = $this->ilDB->query($q);
451 $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
452
453 // if the local_part is not unique, we use the unambiguous role title
454 // instead for the local part of the mailbox address
455 if ($row->count > 1)
456 {
457 $local_part = $unambiguous_role_title;
458 }
459
460 $use_phrase = true;
461
462 // If the local part contains illegal characters, we use
463 // the unambiguous role title instead.
464 if (preg_match('/[\\"\x00-\x1f]/',$local_part))
465 {
466 $local_part = $unambiguous_role_title;
467 }
468 else if(!preg_match('/^[\\x00-\\x7E]+$/i', $local_part))
469 {
470 // 2013-12-05: According to #12283, we do not accept umlauts in the local part
471 $local_part = $unambiguous_role_title;
472 $use_phrase = false;
473 }
474
475 // Add a "#" prefix to the local part
476 $local_part = '#'.$local_part;
477
478 // Put quotes around the role title, if needed
479 if (preg_match('/[()<>@,;:.\[\]\x20]/',$local_part))
480 {
481 $local_part = '"'.$local_part.'"';
482 }
483
484 $mailbox = ($domain == null) ?
485 $local_part :
486 $local_part.'@'.$domain;
487
488 if ($is_localize)
489 {
490 if (substr($role_title,0,3) == 'il_')
491 {
492 $phrase = $lng->txt(substr($role_title, 0, strrpos($role_title,'_')));
493 }
494 else
495 {
496 $phrase = $role_title;
497 }
498
499 if($use_phrase)
500 {
501 // make phrase RFC 822 conformant:
502 // - strip excessive whitespace
503 // - strip special characters
504 $phrase = preg_replace('/\s\s+/', ' ', $phrase);
505 $phrase = preg_replace('/[()<>@,;:\\".\[\]]/', '', $phrase);
506
507 $mailbox = $phrase.' <'.$mailbox.'>';
508 }
509 }
510
511 require_once './Services/PEAR/lib/Mail/RFC822.php';
512 $obj = new Mail_RFC822($mailbox, ilMail::ILIAS_HOST);
513 if(@$obj->parseAddressList() instanceof PEAR_Error)
514 {
515 $q = "SELECT title ".
516 "FROM object_data ".
517 "WHERE obj_id = ".$this->ilDB->quote($a_role_id ,'integer');
518 $r = $this->ilDB->query($q);
519
520 if ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
521 {
522 return '#'.$row->title;
523 }
524 else
525 {
526 return null;
527 }
528 }
529
530 return $mailbox;
531 }
532 else
533 {
534 $q = "SELECT title ".
535 "FROM object_data ".
536 "WHERE obj_id = ".$this->ilDB->quote($a_role_id ,'integer');
537 $r = $this->ilDB->query($q);
538
539 if ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
540 {
541 return '#'.$row->title;
542 }
543 else
544 {
545 return null;
546 }
547 }
548 }
Mail_RFC822
Definition: RFC822.php:70
PEAR_Error
Definition: PEAR.php:827
ilMail\ILIAS_HOST
const ILIAS_HOST
Definition: class.ilMail.php:213
$lng
global $lng
Definition: privfeed.php:40

References $ilDB, $lng, $log, $query, $row, DB_FETCHMODE_OBJECT, if, ilMail\ILIAS_HOST, and ilDB\query().

+ Here is the call graph for this function:

◆ getRoleOperationsOnObject()

ilRbacReview::getRoleOperationsOnObject (   $a_role_id,
  $a_ref_id 
)

@global ilDB $ilDB

Parameters
type$a_role_id
type$a_ref_id
Returns
type
Todo:
rafactor rolf => DONE

Definition at line 1488 of file class.ilRbacReview.php.

1489 {
1490 global $ilDB;
1491
1492 $query = "SELECT * FROM rbac_pa ".
1493 "WHERE rol_id = ".$ilDB->quote($a_role_id,'integer')." ".
1494 "AND ref_id = ".$ilDB->quote($a_ref_id,'integer')." ";
1495
1496 $res = $ilDB->query($query);
1497 while($row = $ilDB->fetchObject($res))
1498 {
1499 $ops = unserialize($row->ops_id);
1500 }
1501
1502 return $ops ? $ops : array();
1503 }

References $ilDB, $query, $res, and $row.

◆ getRolesByFilter()

ilRbacReview::getRolesByFilter (   $a_filter = 0,
  $a_user_id = 0,
  $title_filter = '' 
)

@global ilDB $ilDB

Parameters
type$a_filter
type$a_user_id
type$title_filter
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1690 of file class.ilRbacReview.php.

1691 {
1692 global $ilDB;
1693
1694 $assign = "y";
1695
1696 switch($a_filter)
1697 {
1698 // all (assignable) roles
1699 case self::FILTER_ALL:
1700 return $this->getAssignableRoles(true,true,$title_filter);
1701 break;
1702
1703 // all (assignable) global roles
1704 case self::FILTER_ALL_GLOBAL:
1705 $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->getGlobalRoles(),false,'integer').' ';
1706 break;
1707
1708 // all (assignable) local roles
1709 case self::FILTER_ALL_LOCAL:
1710 case self::FILTER_INTERNAL:
1711 case self::FILTER_NOT_INTERNAL:
1712 $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->getGlobalRoles(),true,'integer');
1713 break;
1714
1715 // all role templates
1716 case self::FILTER_TEMPLATES:
1717 $where = "WHERE object_data.type = 'rolt'";
1718 $assign = "n";
1719 break;
1720
1721 // only assigned roles, handled by ilObjUserGUI::roleassignmentObject()
1722 case 0:
1723 default:
1724 if(!$a_user_id)
1725 return array();
1726
1727 $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->assignedRoles($a_user_id),false,'integer').' ';
1728 break;
1729 }
1730
1731 $roles = array();
1732
1733 $query = "SELECT * FROM object_data ".
1734 "JOIN rbac_fa ON obj_id = rol_id ".
1735 $where.
1736 "AND rbac_fa.assign = ".$ilDB->quote($assign,'text')." ";
1737
1738 if(strlen($title_filter))
1739 {
1740 $query .= (' AND '.$ilDB->like(
1741 'title',
1742 'text',
1743 '%'.$title_filter.'%'
1744 ));
1745 }
1746
1747 $res = $ilDB->query($query);
1748 while($row = $ilDB->fetchAssoc($res))
1749 {
1750 $prefix = (substr($row["title"],0,3) == "il_") ? true : false;
1751
1752 // all (assignable) internal local roles only
1753 if ($a_filter == 4 and !$prefix)
1754 {
1755 continue;
1756 }
1757
1758 // all (assignable) non internal local roles only
1759 if ($a_filter == 5 and $prefix)
1760 {
1761 continue;
1762 }
1763
1764 $row["desc"] = $row["description"];
1765 $row["user_id"] = $row["owner"];
1766 $roles[] = $row;
1767 }
1768
1769 $roles = $this->__setRoleType($roles);
1770
1771 return $roles ? $roles : array();
1772 }
ilRbacReview\getAssignableRoles
getAssignableRoles($a_templates=false, $a_internal_roles=false, $title_filter='')
Returns a list of all assignable roles @access public.
Definition: class.ilRbacReview.php:708

References $ilDB, $query, $res, $row, __setRoleType(), assignedRoles(), FILTER_ALL, FILTER_ALL_GLOBAL, FILTER_ALL_LOCAL, FILTER_INTERNAL, FILTER_NOT_INTERNAL, FILTER_TEMPLATES, getAssignableRoles(), and getGlobalRoles().

+ Here is the call graph for this function:

◆ getRolesForIDs()

ilRbacReview::getRolesForIDs (   $role_ids,
  $use_templates 
)

@global ilDB $ilDB

Parameters
type$role_ids
type$use_templates
Returns
type
Todo:
refactor rolf => DONE

Definition at line 2155 of file class.ilRbacReview.php.

2156 {
2157 global $ilDB;
2158
2159 $role_list = array();
2160
2161 $where = $this->__setTemplateFilter($use_templates);
2162
2163 $query = "SELECT * FROM object_data ".
2164 "JOIN rbac_fa ON object_data.obj_id = rbac_fa.rol_id ".
2165 $where.
2166 "AND rbac_fa.assign = 'y' " .
2167 'AND '.$ilDB->in('object_data.obj_id',$role_ids,false,'integer');
2168
2169 $res = $ilDB->query($query);
2170 while($row = $ilDB->fetchAssoc($res))
2171 {
2172 $row["desc"] = $row["description"];
2173 $row["user_id"] = $row["owner"];
2174 $role_list[] = $row;
2175 }
2176
2177 $role_list = $this->__setRoleType($role_list);
2178 return $role_list;
2179 }

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

+ Here is the call graph for this function:

◆ getRolesOfObject()

ilRbacReview::getRolesOfObject (   $a_ref_id,
  $a_assignable_only = FALSE 
)

Get roles of object.

Parameters
type$a_ref_id
type$a_assignable
Exceptions
InvalidArgumentException
Todo:
refactor rolf => DONE

Definition at line 1165 of file class.ilRbacReview.php.

1166 {
1167 global $ilDB;
1168
1169 if(!isset($a_ref_id))
1170 {
1171 $GLOBALS['ilLog']->logStack();
1172 throw new InvalidArgumentException(__METHOD__.': No ref_id given!');
1173 }
1174 if($a_assignable_only === TRUE)
1175 {
1176 $and = 'AND assign = '.$ilDB->quote('y','text');
1177 }
1178 $query = "SELECT rol_id FROM rbac_fa ".
1179 "WHERE parent = ".$ilDB->quote($a_ref_id,'integer')." ".
1180 $and;
1181
1182 $res = $ilDB->query($query);
1183
1184 $role_ids = array();
1185 while($row = $ilDB->fetchObject($res))
1186 {
1187 $role_ids[] = $row->rol_id;
1188 }
1189 return $role_ids;
1190 }

References $GLOBALS, $ilDB, $query, $res, and $row.

◆ getRolesOfRoleFolder()

ilRbacReview::getRolesOfRoleFolder (   $a_ref_id,
  $a_nonassignable = true 
)

get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids @access public

Parameters
integerref_id of object
booleanif false only get true local roles
Returns
array Array with rol_ids
Deprecated:
since version 4.5.0
Todo:
refactor rolf => RENAME

Definition at line 1205 of file class.ilRbacReview.php.

1206 {
1207 global $ilBench,$ilDB,$ilLog;
1208
1209 $ilBench->start("RBAC", "review_getRolesOfRoleFolder");
1210
1211 if (!isset($a_ref_id))
1212 {
1213 $message = get_class($this)."::getRolesOfRoleFolder(): No ref_id given!";
1214 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1215
1216 }
1217
1218 if ($a_nonassignable === false)
1219 {
1220 $and = " AND assign='y'";
1221 }
1222
1223 $query = "SELECT rol_id FROM rbac_fa ".
1224 "WHERE parent = ".$ilDB->quote($a_ref_id,'integer')." ".
1225 $and;
1226
1227 $res = $ilDB->query($query);
1228 while($row = $ilDB->fetchObject($res))
1229 {
1230 $rol_id[] = $row->rol_id;
1231 }
1232
1233 $ilBench->stop("RBAC", "review_getRolesOfRoleFolder");
1234
1235 return $rol_id ? $rol_id : array();
1236 }

References $ilBench, $ilDB, $ilLog, $query, $res, and $row.

Referenced by getGlobalRoles(), getGlobalRolesArray(), getLocalPolicies(), and getLocalRoles().

+ Here is the caller graph for this function:

◆ getTypeId()

ilRbacReview::getTypeId (   $a_type)

Get type id of object @global ilDB $ilDB.

Parameters
type$a_type
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1781 of file class.ilRbacReview.php.

1782 {
1783 global $ilDB;
1784
1785 $q = "SELECT obj_id FROM object_data ".
1786 "WHERE title=".$ilDB->quote($a_type ,'text')." AND type='typ'";
1787 $r = $ilDB->query($q);
1788
1789 $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
1790 return $row->obj_id;
1791 }

References $ilDB, $row, and DB_FETCHMODE_OBJECT.

◆ getUserPermissionsOnObject()

ilRbacReview::getUserPermissionsOnObject (   $a_user_id,
  $a_ref_id 
)

Get all user permissions on an object.

Parameters
int$a_user_iduser id
int$a_ref_idref id
Todo:
refactor rolf => DONE

Definition at line 2283 of file class.ilRbacReview.php.

2284 {
2285 global $ilDB;
2286
2287 $query = "SELECT ops_id FROM rbac_pa JOIN rbac_ua ".
2288 "ON (rbac_pa.rol_id = rbac_ua.rol_id) ".
2289 "WHERE rbac_ua.usr_id = ".$ilDB->quote($a_user_id,'integer')." ".
2290 "AND rbac_pa.ref_id = ".$ilDB->quote($a_ref_id,'integer')." ";
2291
2292 $res = $ilDB->query($query);
2293 $all_ops = array();
2294 while ($row = $ilDB->fetchObject($res))
2295 {
2296 $ops = unserialize($row->ops_id);
2297 $all_ops = array_merge($all_ops, $ops);
2298 }
2299 $all_ops = array_unique($all_ops);
2300
2301 $set = $ilDB->query("SELECT operation FROM rbac_operations ".
2302 " WHERE ".$ilDB->in("ops_id", $all_ops, false, "integer"));
2303 $perms = array();
2304 while ($rec = $ilDB->fetchAssoc($set))
2305 {
2306 $perms[] = $rec["operation"];
2307 }
2308
2309 return $perms;
2310 }

References $ilDB, $query, $res, and $row.

◆ hasMultipleAssignments()

ilRbacReview::hasMultipleAssignments (   $a_role_id)

Temporary bugfix.

Todo:
refactor rolf => DONE

Definition at line 1111 of file class.ilRbacReview.php.

1112 {
1113 global $ilDB;
1114
1115 $query = "SELECT * FROM rbac_fa WHERE rol_id = ".$ilDB->quote($a_role_id,'integer').' '.
1116 "AND assign = ".$ilDB->quote('y','text');
1117 $res = $ilDB->query($query);
1118 return $res->numRows() > 1;
1119 }

References $ilDB, $query, and $res.

◆ isAssignable()

ilRbacReview::isAssignable (   $a_rol_id,
  $a_ref_id 
)

Check if its possible to assign users @access public.

Parameters
integerobject id of role
integerref_id of object in question
Returns
boolean
Todo:
refactor rolf (expects object reference id instead of rolf) => DONE

Definition at line 1077 of file class.ilRbacReview.php.

1078 {
1079 global $ilBench,$ilDB;
1080
1081 $ilBench->start("RBAC", "review_isAssignable");
1082
1083 // exclude system role from rbac
1084 if ($a_rol_id == SYSTEM_ROLE_ID)
1085 {
1086 $ilBench->stop("RBAC", "review_isAssignable");
1087 return true;
1088 }
1089
1090 if (!isset($a_rol_id) or !isset($a_ref_id))
1091 {
1092 $message = get_class($this)."::isAssignable(): Missing parameter!".
1093 " role_id: ".$a_rol_id." ,ref_id: ".$a_ref_id;
1094 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1095 }
1096 $query = "SELECT * FROM rbac_fa ".
1097 "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
1098 "AND parent = ".$ilDB->quote($a_ref_id,'integer')." ";
1099 $res = $ilDB->query($query);
1100 $row = $ilDB->fetchObject($res);
1101
1102 $ilBench->stop("RBAC", "review_isAssignable");
1103 return $row->assign == 'y' ? true : false;
1104 }

References $ilBench, $ilDB, $query, $res, and $row.

Referenced by getLocalRoles(), and isDeleteable().

+ Here is the caller graph for this function:

◆ isAssigned()

ilRbacReview::isAssigned (   $a_usr_id,
  $a_role_id 
)

check if a specific user is assigned to specific role @access public

Parameters
integerusr_id
integerrole_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 978 of file class.ilRbacReview.php.

979 {
980 if(isset(self::$is_assigned_cache[$a_role_id][$a_usr_id])) {
981 return self::$is_assigned_cache[$a_role_id][$a_usr_id];
982 }
983 // Quickly determine if user is assigned to a role
984 global $ilDB;
985
986 $ilDB->setLimit(1,0);
987 $query = "SELECT usr_id FROM rbac_ua WHERE ".
988 "rol_id= ".$ilDB->quote($a_role_id,'integer')." ".
989 "AND usr_id= ".$ilDB->quote($a_usr_id);
990 $res = $ilDB->query($query);
991
992 $is_assigned = $res->numRows() == 1;
993 self::$is_assigned_cache[$a_role_id][$a_usr_id] = $is_assigned;
994
995 return $is_assigned;
996 }

References $ilDB, $query, and $res.

◆ isAssignedToAtLeastOneGivenRole()

ilRbacReview::isAssignedToAtLeastOneGivenRole (   $a_usr_id,
  $a_role_ids 
)

check if a specific user is assigned to at least one of the given role ids.

This function is used to quickly check whether a user is member of a course or a group.

@access public

Parameters
integerusr_id
array[integer]role_ids
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1010 of file class.ilRbacReview.php.

1011 {
1012 global $ilDB;
1013
1014 $ilDB->setLimit(1,0);
1015 $query = "SELECT usr_id FROM rbac_ua WHERE ".
1016 $ilDB->in('rol_id',$a_role_ids,false,'integer').
1017 " AND usr_id= ".$ilDB->quote($a_usr_id);
1018 $res = $ilDB->query($query);
1019
1020 return $ilDB->numRows($res) == 1;
1021 }

References $ilDB, $query, and $res.

◆ isDeleteable()

ilRbacReview::isDeleteable (   $a_role_id,
  $a_rolf_id 
)

Check if role is deleteable at a specific position.

Parameters
object$a_role_id
introlf_id
Returns
Todo:
refactor rolf => DONE

Definition at line 2215 of file class.ilRbacReview.php.

2216 {
2217 if(!$this->isAssignable($a_role_id, $a_rolf_id))
2218 {
2219 return false;
2220 }
2221 if($a_role_id == SYSTEM_ROLE_ID or $a_role_id == ANONYMOUS_ROLE_ID)
2222 {
2223 return false;
2224 }
2225 if(substr(ilObject::_lookupTitle($a_role_id),0,3) == 'il_')
2226 {
2227 return false;
2228 }
2229 return true;
2230 }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:931

References ilObject\_lookupTitle(), and isAssignable().

+ Here is the call graph for this function:

◆ isDeleted()

ilRbacReview::isDeleted (   $a_node_id)

Checks if a rolefolder is set as deleted (negative tree_id) @access public.

Parameters
integerref_id of rolefolder
Returns
boolean true if rolefolder is set as deleted
Todo:
refactor rolf => DELETE method

Definition at line 1642 of file class.ilRbacReview.php.

1643 {
1644 global $ilDB;
1645
1646 $q = "SELECT tree FROM tree WHERE child =".$ilDB->quote($a_node_id)." ";
1647 $r = $this->ilDB->query($q);
1648
1649 $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
1650
1651 if (!$row)
1652 {
1653 $message = sprintf('%s::isDeleted(): Role folder with ref_id %s not found!',
1654 get_class($this),
1655 $a_node_id);
1656 $this->log->write($message,$this->log->FATAL);
1657
1658 return true;
1659 }
1660
1661 // rolefolder is deleted
1662 if ($row->tree < 0)
1663 {
1664 return true;
1665 }
1666
1667 return false;
1668 }

References $ilDB, $row, DB_FETCHMODE_OBJECT, and ilDB\query().

Referenced by isRoleDeleted().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isGlobalRole()

ilRbacReview::isGlobalRole (   $a_role_id)

Check if role is a global role.

Parameters
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1676 of file class.ilRbacReview.php.

1677 {
1678 return in_array($a_role_id,$this->getGlobalRoles());
1679 }

References getGlobalRoles().

+ Here is the call graph for this function:

◆ isProtected()

ilRbacReview::isProtected (   $a_ref_id,
  $a_role_id 
)
Todo:
refactor rolf => search calls @global ilDB $ilDB
Parameters
type$a_ref_id
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1907 of file class.ilRbacReview.php.

1908 {
1909 global $ilDB;
1910
1911 // ref_id not used yet. protected permission acts 'global' for each role,
1912 $query = "SELECT protected FROM rbac_fa ".
1913 "WHERE rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
1914 $res = $ilDB->query($query);
1915 $row = $ilDB->fetchAssoc($res);
1916
1917 return ilUtil::yn2tf($row['protected']);
1918 }
ilUtil\yn2tf
static yn2tf($a_yn)
convert "y"/"n" to true/false
Definition: class.ilUtil.php:3278

References $ilDB, $query, $res, $row, and ilUtil\yn2tf().

+ Here is the call graph for this function:

◆ isRoleAssignedToObject()

ilRbacReview::isRoleAssignedToObject (   $a_role_id,
  $a_parent_id 
)

Check if role is assigned to an object.

Todo:
refactor rolf => DONE (renamed)

Definition at line 1326 of file class.ilRbacReview.php.

1327 {
1328 global $rbacreview, $ilDB;
1329
1330 $query = 'SELECT * FROM rbac_fa '.
1331 'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1332 'AND parent = '.$ilDB->quote($a_parent_id,'integer');
1333 $res = $ilDB->query($query);
1334 return $res->numRows() ? true : false;
1335 }

References $ilDB, $query, and $res.

◆ isRoleDeleted()

ilRbacReview::isRoleDeleted (   $a_role_id)

return if role is only attached to deleted role folders

Parameters
int$a_role_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 2129 of file class.ilRbacReview.php.

2130 {
2131 $rolf_list = $this->getFoldersAssignedToRole($a_role_id, false);
2132 $deleted = true;
2133 if (count($rolf_list))
2134 {
2135 foreach ($rolf_list as $rolf) {
2136 // only list roles that are not set to status "deleted"
2137 if (!$this->isDeleted($rolf))
2138 {
2139 $deleted = false;
2140 break;
2141 }
2142 }
2143 }
2144 return $deleted;
2145 }
ilRbacReview\isDeleted
isDeleted($a_node_id)
Checks if a rolefolder is set as deleted (negative tree_id) @access public.
Definition: class.ilRbacReview.php:1642
ilRbacReview\getFoldersAssignedToRole
getFoldersAssignedToRole($a_rol_id, $a_assignable=false)
Returns an array of objects assigned to a role.
Definition: class.ilRbacReview.php:1132

References getFoldersAssignedToRole(), and isDeleted().

+ Here is the call graph for this function:

◆ isSystemGeneratedRole()

ilRbacReview::isSystemGeneratedRole (   $a_role_id)

Check if the role is system generate role or role template.

Parameters
int$a_role_id
Returns
bool
Todo:
refactor rolf => DONE

Definition at line 2238 of file class.ilRbacReview.php.

2239 {
2240 $title = ilObject::_lookupTitle($a_role_id);
2241 return substr($title,0,3) == 'il_' ? true : false;
2242 }

References ilObject\_lookupTitle().

+ Here is the call graph for this function:

◆ lookupCreateOperationIds()

static ilRbacReview::lookupCreateOperationIds (   $a_type_arr)
static

Lookup operation ids.

Parameters
array$a_type_arre.g array('cat','crs','grp'). The operation name (e.g. 'create_cat') is generated automatically
Returns
array int Array with operation ids
Todo:
refactor rolf => DONE

Definition at line 1866 of file class.ilRbacReview.php.

1867 {
1868 global $ilDB;
1869
1870 $operations = array();
1871 foreach($a_type_arr as $type)
1872 {
1873 $operations[] = ('create_'.$type);
1874 }
1875
1876 if(!count($operations))
1877 {
1878 return array();
1879 }
1880
1881 $query = 'SELECT ops_id, operation FROM rbac_operations '.
1882 'WHERE '.$ilDB->in('operation',$operations,false,'text');
1883
1884 $res = $ilDB->query($query);
1885
1886 $ops_ids = array();
1887 while($row = $ilDB->fetchObject($res))
1888 {
1889 $type_arr = explode('_', $row->operation);
1890 $type = $type_arr[1];
1891
1892 $ops_ids[$type] = $row->ops_id;
1893 }
1894 return $ops_ids;
1895 }

References $ilDB, $query, $res, and $row.

Referenced by ilObjectXMLWriter\__appendOperations(), ilObjectRolePermissionTableGUI\parse(), ilObjectRoleTemplatePermissionTableGUI\parse(), and ilPermissionGUI\savePermissions().

+ Here is the caller graph for this function:

◆ roleExists()

ilRbacReview::roleExists (   $a_title,
  $a_id = 0 
)

Checks if a role already exists.

Role title should be unique @access public

Parameters
stringrole title
integerobj_id of role to exclude in the check. Commonly this is the current role you want to edit
Returns
boolean true if exists
Todo:
refactor rolf => DONE

Definition at line 559 of file class.ilRbacReview.php.

560 {
561 global $ilDB;
562
563 if (empty($a_title))
564 {
565 $message = get_class($this)."::roleExists(): No title given!";
566 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
567 }
568
569 $clause = ($a_id) ? " AND obj_id != ".$ilDB->quote($a_id)." " : "";
570
571 $q = "SELECT DISTINCT(obj_id) obj_id FROM object_data ".
572 "WHERE title =".$ilDB->quote($a_title)." ".
573 "AND type IN('role','rolt')".
574 $clause." ";
575 $r = $this->ilDB->query($q);
576
577 while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
578 {
579 return $row->obj_id;
580 }
581 return false;
582 }

References $ilDB, $row, DB_FETCHMODE_OBJECT, and ilDB\query().

+ Here is the call graph for this function:

◆ searchRolesByMailboxAddressList()

ilRbacReview::searchRolesByMailboxAddressList (   $a_address_list)

Finds all role ids that match the specified user friendly role mailbox address list.

The role mailbox name address list is an e-mail address list according to IETF RFC 822:

address list = role mailbox, {"," role mailbox } ; role mailbox = "#", local part, ["@" domain] ;

Examples: The following role mailbox names are all resolved to the role il_crs_member_123:

#Course.A #member@Course.A #il_crs_member_123@Course.A #il_crs_member_123 #il_crs_member_123@ilias

Examples: The following role mailbox names are all resolved to the role il_crs_member_345:

#member@[English Course] #il_crs_member_345@[English Course] #il_crs_member_345 #il_crs_member_345@ilias

If only the local part is specified, or if domain is equal to "ilias", ILIAS compares the title of role objects with local part. Only roles that are not in a trash folder are considered for the comparison.

If a domain is specified, and if the domain is not equal to "ilias", ILIAS compares the title of objects with the domain. Only objects that are not in a trash folder are considered for the comparison. Then ILIAS searches for local roles which contain the local part in their title. This allows for abbreviated role names, e.g. instead of having to specify #il_grp_member_345@MyGroup, it is sufficient to specify #member@MyGroup.

The address list may contain addresses thate are not role mailboxes. These addresses are ignored.

If a role mailbox address is ambiguous, this function returns the ID's of all role objects that are possible recipients for the role mailbox address.

If Pear Mail is not installed, then the mailbox address

@access public

Parameters
stringIETF RFX 822 address list containing role mailboxes.
Returns
int[] Array with role ids that were found
Todo:
refactor rolf

Definition at line 115 of file class.ilRbacReview.php.

116 {
117 global $ilDB;
118
119 $role_ids = array();
120
121 include_once "Services/Mail/classes/class.ilMail.php";
122 if(ilMail::_usePearMail())
123 {
124 require_once './Services/PEAR/lib/Mail/RFC822.php';
125 $parser = new Mail_RFC822();
126 $parsedList = $parser->parseAddressList($a_address_list, ilMail::ILIAS_HOST, false, true);
127 foreach ($parsedList as $address)
128 {
129 $local_part = $address->mailbox;
130 if (strpos($local_part,'#') !== 0 &&
131 !($local_part{0} == '"' && $local_part{1} == "#"))
132 {
133 // A local-part which doesn't start with a '#' doesn't denote a role.
134 // Therefore we can skip it.
135 continue;
136 }
137
138 $local_part = substr($local_part, 1);
139
140 /* If role contains spaces, eg. 'foo role', double quotes are added which have to be
141 removed here.*/
142 if( $local_part{0} == '#' && $local_part{strlen($local_part) - 1} == '"' )
143 {
144 $local_part = substr($local_part, 1);
145 $local_part = substr($local_part, 0, strlen($local_part) - 1);
146 }
147
148 if (substr($local_part,0,8) == 'il_role_')
149 {
150 $role_id = substr($local_part,8);
151 $query = "SELECT t.tree ".
152 "FROM rbac_fa fa ".
153 "JOIN tree t ON t.child = fa.parent ".
154 "WHERE fa.rol_id = ".$this->ilDB->quote($role_id,'integer')." ".
155 "AND fa.assign = 'y' ".
156 "AND t.tree = 1";
157 $r = $ilDB->query($query);
158 if ($r->numRows() > 0)
159 {
160 $role_ids[] = $role_id;
161 }
162 continue;
163 }
164
165
166 $domain = $address->host;
167 if (strpos($domain,'[') == 0 && strrpos($domain,']'))
168 {
169 $domain = substr($domain,1,strlen($domain) - 2);
170 }
171 if (strlen($local_part) == 0)
172 {
173 $local_part = $domain;
174 $address->host = ilMail::ILIAS_HOST;
175 $domain = ilMail::ILIAS_HOST;
176 }
177
178 if (strtolower($address->host) == ilMail::ILIAS_HOST)
179 {
180 // Search for roles = local-part in the whole repository
181 $query = "SELECT dat.obj_id ".
182 "FROM object_data dat ".
183 "JOIN rbac_fa fa ON fa.rol_id = dat.obj_id ".
184 "JOIN tree t ON t.child = fa.parent ".
185 "WHERE dat.title =".$this->ilDB->quote($local_part,'text')." ".
186 "AND dat.type = 'role' ".
187 "AND fa.assign = 'y' ".
188 "AND t.tree = 1";
189 }
190 else
191 {
192 // Search for roles like local-part in objects = host
193 $query = "SELECT rdat.obj_id ".
194 "FROM object_data odat ".
195 "JOIN object_reference oref ON oref.obj_id = odat.obj_id ".
196 "JOIN tree otree ON otree.child = oref.ref_id ".
197 "JOIN rbac_fa rfa ON rfa.parent = otree.child ".
198 "JOIN object_data rdat ON rdat.obj_id = rfa.rol_id ".
199 "WHERE odat.title = ".$this->ilDB->quote($domain,'text')." ".
200 "AND otree.tree = 1 ".
201 "AND rfa.assign = 'y' ".
202 "AND rdat.title LIKE ".
203 $this->ilDB->quote('%'.preg_replace('/([_%])/','\\\\$1',$local_part).'%','text');
204 }
205 $r = $ilDB->query($query);
206
207 $count = 0;
208 while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
209 {
210 $role_ids[] = $row->obj_id;
211 $count++;
212 }
213
214 // Nothing found?
215 // In this case, we search for roles = host.
216 if ($count == 0 && strtolower($address->host) == ilMail::ILIAS_HOST)
217 {
218 $q = "SELECT dat.obj_id ".
219 "FROM object_data dat ".
220 "JOIN object_reference ref ON ref.obj_id = dat.obj_id ".
221 "JOIN tree t ON t.child = ref.ref_id ".
222 "WHERE dat.title = ".$this->ilDB->quote($domain ,'text')." ".
223 "AND dat.type = 'role' ".
224 "AND t.tree = 1 ";
225 $r = $this->ilDB->query($q);
226
227 while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
228 {
229 $role_ids[] = $row->obj_id;
230 }
231 }
232 //echo '<br>ids='.var_export($role_ids,true);
233 }
234 }
235 else
236 {
237 // the following code is executed, when Pear Mail is
238 // not installed
239
240 $titles = explode(',', $a_address_list);
241
242 $titleList = '';
243 foreach ($titles as $title)
244 {
245 if (strlen($inList) > 0)
246 {
247 $titleList .= ',';
248 }
249 $title = trim($title);
250 if (strpos($title,'#') == 0)
251 {
252 $titleList .= $this->ilDB->quote(substr($title, 1));
253 }
254 }
255 if (strlen($titleList) > 0)
256 {
257 $q = "SELECT obj_id ".
258 "FROM object_data ".
259 "WHERE title IN (".$titleList.") ".
260 "AND type='role'";
261 $r = $this->ilDB->query($q);
262 while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
263 {
264 $role_ids[] = $row->obj_id;
265 }
266 }
267 }
268
269 return $role_ids;
270 }
ilDB\quote
quote($a_query, $a_type=null)
Wrapper for quote method.
Definition: class.ilDB.php:2285

References $ilDB, $query, $row, DB_FETCHMODE_OBJECT, ilMail\ILIAS_HOST, ilDB\query(), and ilDB\quote().

+ Here is the call graph for this function:

◆ setAssignedCacheEntry()

ilRbacReview::setAssignedCacheEntry (   $a_role_id,
  $a_user_id,
  $a_value 
)

set entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id
bool$a_value

Definition at line 2318 of file class.ilRbacReview.php.

2319 {
2320 self::$is_assigned_cache[$a_role_id][$a_user_id] = $a_value;
2321 }

Field Documentation

◆ $_opsCache

ilRbacReview::$_opsCache = null
staticprivate

Definition at line 32 of file class.ilRbacReview.php.

◆ $assigned_roles

ilRbacReview::$assigned_roles = array()
protected

Definition at line 28 of file class.ilRbacReview.php.

◆ $assigned_users_cache

ilRbacReview::$assigned_users_cache = array()
staticprotected

Definition at line 37 of file class.ilRbacReview.php.

◆ $is_assigned_cache

ilRbacReview::$is_assigned_cache = array()
staticprotected

Definition at line 42 of file class.ilRbacReview.php.

◆ $log

ilRbacReview::$log = null

Definition at line 29 of file class.ilRbacReview.php.

Referenced by __setProtectedStatus(), and getRoleMailboxAddress().

◆ FILTER_ALL

const ilRbacReview::FILTER_ALL = 1

Definition at line 21 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_ALL_GLOBAL

const ilRbacReview::FILTER_ALL_GLOBAL = 2

Definition at line 22 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

◆ FILTER_ALL_LOCAL

const ilRbacReview::FILTER_ALL_LOCAL = 3

Definition at line 23 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

◆ FILTER_INTERNAL

const ilRbacReview::FILTER_INTERNAL = 4

Definition at line 24 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_NOT_INTERNAL

const ilRbacReview::FILTER_NOT_INTERNAL = 5

Definition at line 25 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

◆ FILTER_TEMPLATES

const ilRbacReview::FILTER_TEMPLATES = 6

Definition at line 26 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

The documentation for this class was generated from the following file: