ILIAS  release_5-0 Revision 5.0.0-1144-gc4397b1f870
class.ilObjectRolePermissionTableGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4include_once ('./Services/Table/classes/class.ilTable2GUI.php');
5include_once './Services/AccessControl/classes/class.ilPermissionGUI.php';
6
16class ilObjectRolePermissionTableGUI extends ilTable2GUI
17{
18 const ROLE_FILTER_ALL = 1;
19 const ROLE_FILTER_GLOBAL = 2;
20 const ROLE_FILTER_LOCAL = 3;
21 const ROLE_FILTER_LOCAL_POLICY = 4;
22 const ROLE_FILTER_LOCAL_OBJECT = 5;
23
24 private $ref_id = null;
25 private $roles = array();
26
27 private $tree_path_ids = array();
28
29 private $activeOperations = array();
30 private $visible_roles = array();
31
36 public function __construct($a_parent_obj,$a_parent_cmd, $a_ref_id)
37 {
38 global $ilCtrl,$rbacreview,$tpl,$tree;
39
40 parent::__construct($a_parent_obj,$a_parent_cmd);
41
42 $this->lng->loadLanguageModule('rbac');
43
44 $this->ref_id = $a_ref_id;
45 $this->tree_path_ids = $tree->getPathId($this->ref_id);
46
47 $this->setId('objroleperm_'.$this->ref_id);
48
49 $tpl->addJavaScript('./Services/AccessControl/js/ilPermSelect.js');
50
51 $this->setTitle($this->lng->txt('permission_settings'));
52 $this->setEnableHeader(true);
53 $this->disable('sort');
54 $this->setFormAction($ilCtrl->getFormAction($a_parent_obj, $a_parent_cmd));
55 $this->disable('numinfo');
56 $this->setRowTemplate("tpl.obj_role_perm_row.html", "Services/AccessControl");
57 $this->setLimit(100);
58 $this->setShowRowsSelector(false);
59 $this->setDisableFilterHiding(true);
60 $this->setNoEntriesText($this->lng->txt('msg_no_roles_of_type'));
61
62 $this->addCommandButton('savePermissions', $this->lng->txt('save'));
63
64 $this->initFilter();
65 }
66
67
72 public function getPathIds()
73 {
74 return (array) $this->tree_path_ids;
75 }
76
81 public function getRefId()
82 {
83 return $this->ref_id;
84 }
85
90 public function getObjId()
91 {
92 return ilObject::_lookupObjId($this->getRefId());
93 }
94
99 public function getObjType()
100 {
101 return ilObject::_lookupType($this->getObjId());
102 }
103
109 public function addActiveOperation($a_ops_id)
110 {
111 $this->activeOperations[] = $a_ops_id;
112 }
113
118 public function getActiveOperations()
119 {
120 return (array) $this->activeOperations;
121 }
122
128 public function setVisibleRoles($a_ar)
129 {
130 $this->visible_roles = $a_ar;
131 }
132
137 public function getVisibleRoles()
138 {
139 return $this->visible_roles;
140 }
141
146 public function initFilter()
147 {
148 global $tree;
149
150 $roles = $this->addFilterItemByMetaType(
151 'role',
152 ilTable2GUI::FILTER_SELECT
153 );
154
155 // Limit filter to local roles only for objects with group or course in path
156 if(!$roles->getValue())
157 {
158 if ($tree->checkForParentType($this->getRefId(), 'crs') or
159 $tree->checkForParentType($this->getRefId(), 'grp'))
160 {
161 $roles->setValue(self::ROLE_FILTER_LOCAL);
162 }
163 else
164 {
165 $roles->setValue(self::ROLE_FILTER_ALL);
166 }
167 }
168
169
170 $roles->setOptions(
171 array(
172 self::ROLE_FILTER_ALL => $this->lng->txt('filter_all_roles'),
173 self::ROLE_FILTER_GLOBAL => $this->lng->txt('filter_global_roles'),
174 self::ROLE_FILTER_LOCAL => $this->lng->txt('filter_local_roles'),
175 self::ROLE_FILTER_LOCAL_POLICY => $this->lng->txt('filter_roles_local_policy'),
176 self::ROLE_FILTER_LOCAL_OBJECT => $this->lng->txt('filter_local_roles_object')
177 )
178 );
179
180 }
181
187 public function fillRow($row)
188 {
189 global $objDefinition;
190
191
192 // local policy
193 if(isset($row['show_local_policy_row']))
194 {
195 foreach($row['roles'] as $role_id => $role_info)
196 {
197 $this->tpl->setCurrentBlock('role_option');
198 $this->tpl->setVariable('INHERIT_ROLE_ID',$role_id);
199 $this->tpl->setVariable('INHERIT_CHECKED',$role_info['local_policy'] ? 'checked=checked' : '');
200 $this->tpl->setVariable('INHERIT_DISABLED',($role_info['protected'] or $role_info['isLocal']) ? 'disabled="disabled"' : '');
201 $this->tpl->setVariable('TXT_INHERIT',$this->lng->txt('rbac_local_policy'));
202 $this->tpl->setVariable('INHERIT_LONG',$this->lng->txt('perm_use_local_policy_desc'));
203 $this->tpl->parseCurrentBlock();
204 }
205 return true;
206 }
207 // protected
208 if(isset($row['show_protected_row']))
209 {
210 foreach($row['roles'] as $role_id => $role_info)
211 {
212 $this->tpl->setCurrentBlock('role_protect');
213 $this->tpl->setVariable('PROTECT_ROLE_ID',$role_id);
214 $this->tpl->setVariable('PROTECT_CHECKED',$role_info['protected_status'] ? 'checked=checked' : '');
215 $this->tpl->setVariable('PROTECT_DISABLED',$role_info['protected_allowed'] ? '' : 'disabled="disabled"');
216 $this->tpl->setVariable('TXT_PROTECT',$this->lng->txt('role_protect_permissions'));
217 $this->tpl->setVariable('PROTECT_LONG',$this->lng->txt('role_protect_permissions_desc'));
218 $this->tpl->parseCurrentBlock();
219 }
220 return true;
221 }
222
223 // block role
224 if(isset($row['show_block_row']))
225 {
226 foreach($this->getVisibleRoles() as $counter => $role_info)
227 {
228 $this->tpl->setCurrentBlock('role_block');
229 $this->tpl->setVariable('BLOCK_ROLE_ID',$role_info['obj_id']);
230 $this->tpl->setVariable('TXT_BLOCK',$this->lng->txt('role_block_role'));
231 $this->tpl->setVariable('BLOCK_LONG',$this->lng->txt('role_block_role_desc'));
232 if($role_info['protected'] == 'y')
233 {
234 $this->tpl->setVariable('BLOCK_DISABLED','disabled="disabled');
235 }
236
237 $this->tpl->parseCurrentBlock();
238 }
239 return true;
240 }
241
242 // Select all
243 if(isset($row['show_select_all']))
244 {
245 foreach($this->getVisibleRoles() as $role)
246 {
247 $this->tpl->setCurrentBlock('role_select_all');
248 $this->tpl->setVariable('JS_ROLE_ID',$role['obj_id']);
249 $this->tpl->setVariable('JS_SUBID',$row['subtype']);
250 $this->tpl->setVariable('JS_ALL_PERMS',"['".implode("','",$row['ops'])."']");
251 $this->tpl->setVariable('JS_FORM_NAME',$this->getFormName());
252 $this->tpl->setVariable('TXT_SEL_ALL',$this->lng->txt('select_all'));
253 $this->tpl->parseCurrentBlock();
254 }
255 return true;
256 }
257
258 // Object permissions
259 if(isset($row['show_start_info']))
260 {
261 $this->tpl->setCurrentBlock('section_info');
262 $this->tpl->setVariable('SECTION_TITLE',$this->lng->txt('perm_class_object'));
263 $this->tpl->setVariable('SECTION_DESC',$this->lng->txt('perm_class_object_desc'));
264 $this->tpl->parseCurrentBlock();
265
266 return true;
267 }
268
269 if(isset($row['show_create_info']))
270 {
271 $this->tpl->setCurrentBlock('section_info');
272 $this->tpl->setVariable('SECTION_TITLE',$this->lng->txt('perm_class_create'));
273 $this->tpl->setVariable('SECTION_DESC',$this->lng->txt('perm_class_create_desc'));
274 $this->tpl->parseCurrentBlock();
275
276 return true;
277 }
278
279 foreach((array) $row['roles'] as $role_id => $role_info)
280 {
281 $this->tpl->setCurrentBlock('role_td');
282 $this->tpl->setVariable('PERM_ROLE_ID',$role_id);
283 $this->tpl->setVariable('PERM_PERM_ID',$row['perm']['ops_id']);
284
285
286 if(substr($row['perm']['operation'],0,6) == 'create')
287 {
288 if ($objDefinition->isPlugin(substr($row['perm']['operation'],7)))
289 {
290 $perm = ilPlugin::lookupTxt("rep_robj", substr($row['perm']['operation'],7),
291 "obj_".substr($row['perm']['operation'],7));
292 }
293 else
294 {
295 $perm = $this->lng->txt('obj_'.substr($row['perm']['operation'],7));
296 }
297 }
298 else
299 {
300 if($this->lng->exists($this->getObjType().'_'.$row['perm']['operation'].'_short'))
301 {
302 $perm = $this->lng->txt($this->getObjType().'_'.$row['perm']['operation'].'_short');
303 }
304 else
305 {
306 $perm = $this->lng->txt($row['perm']['operation']);
307 }
308 }
309
310 $this->tpl->setVariable('TXT_PERM',$perm);
311
312 if ($objDefinition->isPlugin($this->getObjType()))
313 {
314 $this->tpl->setVariable('PERM_LONG',ilPlugin::lookupTxt("rep_robj", $this->getObjType(),
315 $this->getObjType()."_".$row['perm']['operation']));
316 }
317 elseif(substr($row['perm']['operation'],0,6) == 'create')
318 {
319 $this->tpl->setVariable('PERM_LONG',$this->lng->txt('rbac_'.$row['perm']['operation']));
320 }
321 else
322 {
323 $this->tpl->setVariable('PERM_LONG',$this->lng->txt($this->getObjType().'_'.$row['perm']['operation']));
324 }
325
326 if($role_info['protected'])
327 {
328 $this->tpl->setVariable('PERM_DISABLED',$role_info['protected'] ? 'disabled="disabled"' : '');
329 }
330 if($role_info['permission_set'])
331 {
332 $this->tpl->setVariable('PERM_CHECKED','checked="checked"');
333 }
334
335 $this->tpl->parseCurrentBlock();
336 }
337 }
338
339
344 public function parse()
345 {
346 global $rbacreview,$objDefinition;
347
348 $this->initColumns();
349
350 $perms = array();
351 $roles = array();
352
353 if(!count($this->getVisibleRoles()))
354 {
355 return $this->setData(array());
356 }
357
358 // Read operations of role
359 $operations = array();
360 foreach($this->getVisibleRoles() as $role_data)
361 {
362 $operations[$role_data['obj_id']] = $rbacreview->getActiveOperationsOfRole($this->getRefId(), $role_data['obj_id']);
363 }
364
365 $counter = 0;
366
367 // Local policy
368 if(ilPermissionGUI::hasContainerCommands($this->getObjType()))
369 {
370 $roles = array();
371 $local_roles = $rbacreview->getRolesOfObject($this->getRefId());
372 foreach($this->getVisibleRoles() as $role_id => $role_data)
373 {
374 $roles[$role_data['obj_id']] = array(
375 'protected' => $role_data['protected'],
376 'local_policy' => in_array($role_data['obj_id'],$local_roles),
377 'isLocal' => ($this->getRefId() == $role_data['parent']) && $role_data['assign'] == 'y'
378 );
379 }
380 $perms[$counter]['roles'] = $roles;
381 $perms[$counter]['show_local_policy_row'] = 1;
382
383 $counter++;
384 }
385
386 // Protect permissions
387 if(ilPermissionGUI::hasContainerCommands($this->getObjType()))
388 {
389 $roles = array();
390 foreach($this->getVisibleRoles() as $role_id => $role_data)
391 {
392 $roles[$role_data['obj_id']] = array(
393 'protected_allowed' => $rbacreview->isAssignable($role_data['obj_id'],$this->getRefId()),
394 'protected_status' => $rbacreview->isProtected($role_data['parent'], $role_data['obj_id'])
395 );
396 }
397 $perms[$counter]['roles'] = $roles;
398 $perms[$counter]['show_protected_row'] = 1;
399
400 $counter++;
401 }
402 // Block role
403 if(ilPermissionGUI::hasContainerCommands($this->getObjType()))
404 {
405 $perms[$counter++]['show_block_row'] = 1;
406 }
407
408
409 if(ilPermissionGUI::hasContainerCommands($this->getObjType()))
410 {
411 $perms[$counter++]['show_start_info'] = true;
412 }
413
414 // no creation permissions
415 $no_creation_operations = array();
416 foreach($rbacreview->getOperationsByTypeAndClass($this->getObjType(),'object') as $operation)
417 {
418 $this->addActiveOperation($operation);
419 $no_creation_operations[] = $operation;
420
421 $roles = array();
422 foreach($this->getVisibleRoles() as $role_data)
423 {
424
425 $roles[$role_data['obj_id']] =
426 array(
427 'protected' => $role_data['protected'],
428 'permission_set' => in_array($operation,(array) $operations[$role_data['obj_id']])
429 );
430 }
431
432 $op = $rbacreview->getOperation($operation);
433
434 $perms[$counter]['roles'] = $roles;
435 $perms[$counter]['perm'] = $op;
436 $counter++;
437
438 }
439
440 /*
441 * Select all
442 */
443 if($no_creation_operations)
444 {
445 $perms[$counter]['show_select_all'] = 1;
446 $perms[$counter]['ops'] = $no_creation_operations;
447 $perms[$counter]['subtype'] = 'nocreation';
448 $counter++;
449 }
450
451
452 if($objDefinition->isContainer($this->getObjType()))
453 {
454 $perms[$counter++]['show_create_info'] = true;
455 }
456
457 // Get creatable objects
458 $objects = $objDefinition->getCreatableSubObjects($this->getObjType());
459 $ops_ids = ilRbacReview::lookupCreateOperationIds(array_keys($objects));
460 $creation_operations = array();
461 foreach($objects as $type => $info)
462 {
463 $ops_id = $ops_ids[$type];
464
465 if(!$ops_id)
466 {
467 continue;
468 }
469
470 $this->addActiveOperation($ops_id);
471 $creation_operations[] = $ops_id;
472
473 $roles = array();
474 foreach($this->getVisibleRoles() as $role_data)
475 {
476 $roles[$role_data['obj_id']] =
477 array(
478 'protected' => $role_data['protected'],
479 'permission_set' => in_array($ops_id,(array) $operations[$role_data['obj_id']])
480 );
481 }
482
483 $op = $rbacreview->getOperation($ops_id);
484
485 $perms[$counter]['roles'] = $roles;
486 $perms[$counter]['perm'] = $op;
487 $counter++;
488
489 }
490
491
492
493 // Select all
494 if(count($creation_operations))
495 {
496 $perms[$counter]['show_select_all'] = 1;
497 $perms[$counter]['ops'] = $creation_operations;
498 $perms[$counter]['subtype'] = 'creation';
499 $counter++;
500 }
501
502 $this->setData($perms);
503 }
504
509 protected function initColumns()
510 {
511 global $rbacreview,$ilCtrl;
512
513 $roles = $rbacreview->getParentRoleIds($this->getRefId());
514 $roles = $this->getParentObject()->applyRoleFilter(
515 $roles,
516 $this->getFilterItemByPostVar('role')->getValue()
517 );
518
519 if(count($roles))
520 {
521 $column_width = 100/count($roles);
522 $column_width .= '%';
523 }
524 else
525 {
526 $column_widht = "0%";
527 }
528
529 $all_roles = array();
530 foreach($roles as $role)
531 {
532 if($role['obj_id'] == SYSTEM_ROLE_ID)
533 {
534 continue;
535 }
536
537 $role['role_type'] = $rbacreview->isGlobalRole($role['obj_id']) ? 'global' : 'local';
538
539 // TODO check filter
540 $this->addColumn(
541 $this->createTitle($role),
542 $role['obj_id'],
543 '',
544 '',
545 false,
546 $this->createTooltip($role)
547 );
548 $all_roles[] = $role;
549 }
550
551 $this->setVisibleRoles($all_roles);
552 return true;
553 }
554
560 protected function createTooltip($role)
561 {
562 global $rbacreview,$tree;
563
564 #vd($role);
565 $protected_status = $rbacreview->isProtected($role['parent'], $role['obj_id']) ? 'protected_' : '';
566 if($role['role_type'] == 'global')
567 {
568 $tp = $this->lng->txt('perm_'.$protected_status.'global_role');
569 }
570 else
571 {
572 $tp = $this->lng->txt('perm_'.$protected_status.'local_role');
573 }
574
575 $inheritance_seperator = ': ';
576
577 // Show create at info
578 if(
579 ($role['assign'] == 'y' and $role['role_type'] != 'global') or
580 ($role['assign'] == 'n' and $role['role_type'] != 'global')
581 )
582 {
583 $tp .= ': ';
584
585 $obj = $rbacreview->getObjectOfRole($role['obj_id']);
586 if($obj)
587 {
588 $tp .= sprintf(
589 $this->lng->txt('perm_role_path_info_created'),
590 $this->lng->txt('obj_'.ilObject::_lookupType($obj)),ilObject::_lookupTitle($obj)
591 );
592 $inheritance_seperator = ', ';
593 }
594 }
595
596 $path_hierarchy = $rbacreview->getObjectsWithStopedInheritance(
597 $role['obj_id'],
598 $tree->getPathId($this->getRefId())
599 );
600
601 $reduced_path_hierarchy = (array) array_diff(
602 $path_hierarchy,
603 array(
604 $this->getRefId(),
605 $rbacreview->getObjectReferenceOfRole($role['obj_id'])
606 )
607 );
608
609
610 // Inheritance
611 if($role['assign'] == 'n' and count($reduced_path_hierarchy))
612 {
613 $tp .= $inheritance_seperator;
614
615 $parent = end($reduced_path_hierarchy);
616 $p_type = ilObject::_lookupType(ilObject::_lookupObjId($parent));
617 $p_title = ilObject::_lookupTitle(ilObject::_lookupObjId($parent));
618 $tp .= sprintf($this->lng->txt('perm_role_path_info_inheritance'),$this->lng->txt('obj_'.$p_type),$p_title);
619 }
620
621 return $tp;
622 }
623
629 protected function createTitle($role)
630 {
631 global $ilCtrl;
632
633 include_once './Services/AccessControl/classes/class.ilObjRole.php';
634 $role['title'] = ilObjRole::_getTranslation($role['title']);
635
636 // No local policies
637 if($role['parent'] != $this->getRefId())
638 {
639 return $role['title'];
640 }
641 $ilCtrl->setParameterByClass('ilobjrolegui', 'obj_id', $role['obj_id']);
642
643 return '<a class="tblheader" href="'.$ilCtrl->getLinkTargetByClass('ilobjrolegui','').'" >'.$role['title'].'</a>';
644 }
645}
646?>
$tpl
global $tpl
Definition: ilias.php:8
ilObjRole\_getTranslation
_getTranslation($a_role_title)
Definition: class.ilObjRole.php:504
ilObjectRolePermissionTableGUI\__construct
__construct($a_parent_obj, $a_parent_cmd, $a_ref_id)
Constructor.
Definition: class.ilObjectRolePermissionTableGUI.php:36
ilObjectRolePermissionTableGUI\addActiveOperation
addActiveOperation($a_ops_id)
Add active operation.
Definition: class.ilObjectRolePermissionTableGUI.php:109
ilObjectRolePermissionTableGUI\createTooltip
createTooltip($role)
Create a linked title for roles with local policy.
Definition: class.ilObjectRolePermissionTableGUI.php:560
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1028
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:931
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1183
ilPermissionGUI\hasContainerCommands
static hasContainerCommands($a_type)
Check if container commands are possible for the current object type.
Definition: class.ilPermissionGUI.php:495
ilPlugin\lookupTxt
static lookupTxt($a_mod_prefix, $a_pl_id, $a_lang_var)
Lookup language text.
Definition: class.ilPlugin.php:529
ilRbacReview\lookupCreateOperationIds
static lookupCreateOperationIds($a_type_arr)
Lookup operation ids.
Definition: class.ilRbacReview.php:1866
ilTable2GUI
Class ilTable2GUI.
Definition: class.ilTable2GUI.php:16
ilTable2GUI\getFormName
getFormName()
Get Form name.
Definition: class.ilTable2GUI.php:965
ilTable2GUI\addColumn
addColumn($a_text, $a_sort_field="", $a_width="", $a_is_checkbox_action_column=false, $a_class="", $a_tooltip="")
Add a column to the header.
Definition: class.ilTable2GUI.php:1307
ilTable2GUI\setEnableHeader
setEnableHeader($a_enableheader)
Set Enable Header.
Definition: class.ilTable2GUI.php:469
ilTable2GUI\setDisableFilterHiding
setDisableFilterHiding($a_val=true)
Set disable filter hiding.
Definition: class.ilTable2GUI.php:811
ilTable2GUI\setShowRowsSelector
setShowRowsSelector($a_value)
Toggle rows-per-page selector.
Definition: class.ilTable2GUI.php:2920
ilTable2GUI\getParentObject
getParentObject()
Get parent object.
Definition: class.ilTable2GUI.php:369
ilTable2GUI\setTitle
setTitle($a_title, $a_icon=0, $a_icon_alt=0)
Set title and title icon.
Definition: class.ilTable2GUI.php:507
ilTable2GUI\setNoEntriesText
setNoEntriesText($a_text)
Set text for an empty table.
Definition: class.ilTable2GUI.php:409
ilTable2GUI\setData
setData($a_data)
set table data @access public
Definition: class.ilTable2GUI.php:547
ilTable2GUI\setRowTemplate
setRowTemplate($a_template, $a_template_dir="")
Set row template.
Definition: class.ilTable2GUI.php:1124
ilTable2GUI\getFilterItemByPostVar
getFilterItemByPostVar($a_post_var)
Definition: class.ilTable2GUI.php:767
ilTable2GUI\setId
setId($a_val)
Set id.
Definition: class.ilTable2GUI.php:975
ilTable2GUI\setFormAction
setFormAction($a_form_action, $a_multipart=false)
Set Form action parameter.
Definition: class.ilTable2GUI.php:934
ilTable2GUI\addFilterItemByMetaType
addFilterItemByMetaType($id, $type=self::FILTER_TEXT, $a_optional=false, $caption=NULL)
Add filter by standard type.
Definition: class.ilTable2GUI.php:645
ilTable2GUI\addCommandButton
addCommandButton($a_cmd, $a_text, $a_onclick='', $a_id="", $a_class=null)
Add Command button.
Definition: class.ilTable2GUI.php:1186
ilTableGUI\disable
disable($a_module_name)
diesables particular modules of table
Definition: class.ilTableGUI.php:442
ilTableGUI\setLimit
setLimit($a_limit=0, $a_default_limit=0)
set max.
Definition: class.ilTableGUI.php:286
$ilCtrl
global $ilCtrl
Definition: ilias.php:18