4include_once
"./Services/Object/classes/class.ilObjectGUI.php";
5include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
46 function __construct($a_data,$a_id,$a_call_by_reference =
false,$a_prepare_output =
true)
50 $lng->loadLanguageModule(
'rbac');
53 define(
"USER_FOLDER_ID",7);
69 $this->
ilObjectGUI($a_data,$a_id,$a_call_by_reference,
false);
70 $this->ctrl->saveParameter($this, array(
'obj_id',
'rolf_ref_id'));
80 $next_class = $this->ctrl->getNextClass($this);
81 $cmd = $this->ctrl->getCmd();
85 case 'ilrepositorysearchgui':
91 include_once(
'./Services/Search/classes/class.ilRepositorySearchGUI.php');
93 $rep_search->setTitle($this->lng->txt(
'role_add_user'));
94 $rep_search->setCallback($this,
'addUserObject');
97 $this->tabs_gui->setTabActive(
'user_assignment');
98 $this->ctrl->setReturn($this,
'userassignment');
99 $ret =& $this->ctrl->forwardCommand($rep_search);
104 $this->tabs_gui->setTabActive(
'export');
106 include_once
'./Services/Export/classes/class.ilExportOptions.php';
110 include_once
'./Services/Export/classes/class.ilExportGUI.php';
112 $exp->addFormat(
'xml');
113 $this->ctrl->forwardCommand($exp);
125 $cmd =
'userassignment';
169 $this->back_target = array(
"text" => $a_text,
175 return $this->back_target ? $this->back_target : array();
209 global $rbacsystem,$rbacreview,
$tree;
212 if(!$rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id) &&
213 $this->obj_ref_id != ROLE_FOLDER_ID)
220 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
225 $this->
__showButton(
'selectDesktopItem',$this->lng->txt(
'role_desk_add'));
227 if(!count($items = $role_desk_item_obj->getAll()))
232 $this->tpl->addBlockFile(
"ADM_CONTENT",
"adm_content",
"tpl.role_desktop_item_list.html",
"Services/AccessControl");
233 $this->tpl->setVariable(
"FORMACTION",$this->ctrl->getFormAction($this));
235 $this->tpl->setVariable(
"TBL_TITLE_IMG_ALT",$this->lng->txt(
'obj_role'));
236 $this->tpl->setVariable(
"TBL_TITLE",$this->lng->txt(
'role_assigned_desk_items').
' ('.$this->object->getTitle().
')');
237 $this->tpl->setVariable(
"HEADER_DESC",$this->lng->txt(
'description'));
238 $this->tpl->setVariable(
"BTN_DELETE",$this->lng->txt(
'delete'));
243 foreach($items as $role_item_id => $item)
247 if(strlen($desc = $tmp_obj->getDescription()))
249 $this->tpl->setCurrentBlock(
"description");
250 $this->tpl->setVariable(
"DESCRIPTION_DESK",$desc);
251 $this->tpl->parseCurrentBlock();
253 $this->tpl->setCurrentBlock(
"desk_row");
254 $this->tpl->setVariable(
"DESK_TITLE",$tmp_obj->getTitle());
256 $this->tpl->setVariable(
"CHECK_DESK",ilUtil::formCheckBox(0,
'del_desk_item[]',$role_item_id));
257 $this->tpl->setVariable(
"TXT_PATH",$this->lng->txt(
'path').
':');
258 $this->tpl->setVariable(
"PATH",$this->
__formatPath($tree->getPathFull($item[
'item_id'])));
259 $this->tpl->parseCurrentBlock();
272 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
274 if(!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
276 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
278 if(!count(
$_POST[
'del_desk_item']))
288 $this->tpl->addBlockFile(
"ADM_CONTENT",
"adm_content",
"tpl.role_ask_delete_desktop_item.html",
"Services/AccessControl");
289 $this->tpl->setVariable(
"FORMACTION",$this->ctrl->getFormAction($this));
291 $this->tpl->setVariable(
"TBL_TITLE_IMG_ALT",$this->lng->txt(
'obj_role'));
292 $this->tpl->setVariable(
"TBL_TITLE",$this->lng->txt(
'role_assigned_desk_items').
' ('.$this->object->getTitle().
')');
293 $this->tpl->setVariable(
"HEADER_DESC",$this->lng->txt(
'description'));
294 $this->tpl->setVariable(
"BTN_DELETE",$this->lng->txt(
'delete'));
295 $this->tpl->setVariable(
"BTN_CANCEL",$this->lng->txt(
'cancel'));
297 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
303 foreach(
$_POST[
'del_desk_item'] as $role_item_id)
305 $item_data = $role_desk_item_obj->getItem($role_item_id);
308 if(strlen($desc = $tmp_obj->getDescription()))
310 $this->tpl->setCurrentBlock(
"description");
311 $this->tpl->setVariable(
"DESCRIPTION_DESK",$desc);
312 $this->tpl->parseCurrentBlock();
314 $this->tpl->setCurrentBlock(
"desk_row");
315 $this->tpl->setVariable(
"DESK_TITLE",$tmp_obj->getTitle());
317 $this->tpl->parseCurrentBlock();
331 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
334 if (!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
336 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
339 if (!count(
$_SESSION[
'role_del_desk_items']))
348 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
352 foreach (
$_SESSION[
'role_del_desk_items'] as $role_item_id)
354 $role_desk_item_obj->delete($role_item_id);
366 global $rbacsystem,
$tree;
368 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItemSelector.php';
369 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
371 if(!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
373 #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
379 $this->tpl->addBlockFile(
"ADM_CONTENT",
"adm_content",
"tpl.role_desktop_item_selector.html",
"Services/AccessControl");
380 $this->
__showButton(
'listDesktopItems',$this->lng->txt(
'back'));
386 $exp->setExpand(
$_GET[
"role_desk_item_link_expand"] ?
$_GET[
"role_desk_item_link_expand"] :
$tree->readRootId());
387 $exp->setExpandTarget($this->ctrl->getLinkTarget($this,
'selectDesktopItem'));
391 $output = $exp->getOutput();
392 $this->tpl->setVariable(
"EXPLORER",$output);
402 if (!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
404 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
409 if (!isset(
$_GET[
'item_id']))
417 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
424 $this->ctrl->redirect($this,
'listDesktopItems');
435 include_once
'./Services/Form/classes/class.ilPropertyFormGUI.php';
438 if($this->creation_mode)
440 $this->ctrl->setParameter($this,
"new_type",
'role');
442 $this->form->setFormAction($this->ctrl->getFormAction($this));
447 $this->form->setTitle($this->lng->txt(
'role_new'));
448 $this->form->addCommandButton(
'save',$this->lng->txt(
'role_new'));
452 $this->form->setTitle($this->lng->txt(
'role_edit'));
453 $this->form->addCommandButton(
'update', $this->lng->txt(
'save'));
460 $this->form->addCommandButton(
'cancel', $this->lng->txt(
'cancel'));
465 $title->setDisabled(
true);
470 $title->setValidationRegexp(
'/^(?!il_).*$/');
471 $title->setValidationFailureMessage($this->lng->txt(
'msg_role_reserved_prefix'));
475 $title->setMaxLength(70);
476 $title->setRequired(
true);
477 $this->form->addItem($title);
482 $desc->setDisabled(
true);
486 $this->form->addItem($desc);
488 if($a_mode != self::MODE_LOCAL_CREATE && $a_mode != self::MODE_GLOBAL_CREATE)
491 $this->form->addItem($ilias_id);
494 if($this->obj_ref_id == ROLE_FOLDER_ID)
498 #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info'));
499 $this->form->addItem($reg);
503 #$la->setInfo($this->lng->txt('rbac_local_admin_info'));
504 $this->form->addItem($la);
509 #$pro->setInfo($this->lng->txt('role_protext_permission_info'));
510 $this->form->addItem($pro);
512 include_once
'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
516 $quo->setMinValue(0);
518 $quo->setInfo($this->lng->txt(
'enter_in_mb_desc').
'<br />'.$this->lng->txt(
'disk_quota_on_role_desc'));
519 $this->form->addItem($quo);
523 $this->lng->loadLanguageModule(
"file");
524 $wquo =
new ilNumberInputGUI($this->lng->txt(
'personal_workspace_disk_quota'),
'wsp_disk_quota');
525 $wquo->setMinValue(0);
527 $wquo->setInfo($this->lng->txt(
'enter_in_mb_desc').
'<br />'.$this->lng->txt(
'disk_quota_on_role_desc'));
528 $this->form->addItem($wquo);
542 if(!$this->form->getItemByPostVar(
'title')->getDisabled())
544 $role->
setTitle($this->form->getInput(
'title'));
547 if(!$this->form->getItemByPostVar(
'desc')->getDisabled())
567 include_once
'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
582 $data[
'pro'] = $rbacreview->isProtected($this->obj_ref_id, $role->
getId());
584 $this->form->setValuesByArray(
$data);
599 if(!$rbacsystem->checkAccess(
'create_role',$this->obj_ref_id))
601 $ilErr->raiseError($this->lng->txt(
'permission_denied'),
$ilErr->MESSAGE);
605 $this->tpl->setContent($this->form->getHTML());
618 $ilErr->raiseError($this->lng->txt(
"msg_no_perm_write"),
$ilErr->MESSAGE);
622 if($this->object->getId() != SYSTEM_ROLE_ID)
624 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
625 if($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id))
627 $ilToolbar->addButton(
628 $this->lng->txt(
'rbac_delete_role'),
629 $this->ctrl->getLinkTarget($this,
'confirmDeleteRole')
636 $this->tpl->setContent($this->form->getHTML());
646 global $rbacadmin,$rbacreview;
649 if($this->form->checkInput() and !$this->checkDuplicate())
651 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
653 $this->role->create();
654 $rbacadmin->assignRoleToFolder($this->role->getId(), $this->obj_ref_id,
'y');
655 $rbacadmin->setProtected(
657 $this->role->getId(),
658 $this->form->getInput(
'pro') ?
'y' :
'n'
661 $this->ctrl->setParameter($this,
'obj_id',$this->role->getId());
662 $this->ctrl->redirect($this,
'perm');
666 $this->form->setValuesByPost();
667 $this->tpl->setContent($this->form->getHTML());
690 if($this->form->checkInput() and !$this->checkDuplicate($this->object->getId()))
692 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
694 $this->
object->update();
695 $rbacadmin->setProtected(
697 $this->object->getId(),
698 $this->form->getInput(
'pro') ?
'y' :
'n'
701 $this->ctrl->redirect($this,
'edit');
705 $this->form->setValuesByPost();
706 $this->tpl->setContent($this->form->getHTML());
714 protected function permObject($a_show_admin_permissions =
false)
718 $ilTabs->setTabActive(
'default_perm_settings');
722 if($a_show_admin_permissions)
724 $ilTabs->setSubTabActive(
'rbac_admin_permissions');
728 $ilTabs->setSubTabActive(
'rbac_repository_permissions');
733 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->MESSAGE);
738 if($this->object->getId() != SYSTEM_ROLE_ID)
740 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
741 $ilToolbar->addButton(
742 $this->lng->txt(
"adopt_perm_from_template"),
743 $this->ctrl->getLinkTarget($this,
'adoptPerm')
745 if($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id))
747 $ilToolbar->addButton(
748 $this->lng->txt(
'rbac_delete_role'),
749 $this->ctrl->getLinkTarget($this,
'confirmDeleteRole')
754 $this->tpl->addBlockFile(
757 'tpl.rbac_template_permissions.html',
758 'Services/AccessControl'
761 $this->tpl->setVariable(
'PERM_ACTION',$this->ctrl->getFormAction($this));
763 include_once
'./Services/Accordion/classes/class.ilAccordionGUI.php';
768 if($this->obj_ref_id == ROLE_FOLDER_ID)
770 if($a_show_admin_permissions)
772 $subs =
$objDefinition->getSubObjectsRecursively(
'adm',
true,
true);
776 $subs =
$objDefinition->getSubObjectsRecursively(
'root',
true,$a_show_admin_permissions);
785 foreach($subs as $subtype => $def)
793 $translation = $this->lng->txt(
"obj_".$subtype);
797 $translation = $this->lng->txt(
'objs_'.$subtype);
800 $sorted[$subtype] = $def;
801 $sorted[$subtype][
'translation'] = $translation;
806 foreach($sorted as $subtype => $def)
814 $translation = $this->lng->txt(
"obj_".$subtype);
818 $translation = $this->lng->txt(
'objs_'.$subtype);
821 include_once
'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
826 $this->object->getId(),
828 $a_show_admin_permissions
832 $acc->addItem($translation, $tbl->getHTML());
835 $this->tpl->setVariable(
'ACCORDION',$acc->getHTML());
838 include_once
'./Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
843 $this->object->getId(),
844 $a_show_admin_permissions
846 if($this->object->getId() != SYSTEM_ROLE_ID)
849 $a_show_admin_permissions ?
'adminPermSave' :
'permSave',
850 $this->lng->txt(
'save')
855 $this->tpl->setVariable(
'OPTIONS_TABLE',
$options->getHTML());
882 $parent_role_ids = $rbacreview->getParentRoleIds($this->obj_ref_id,
true);
884 foreach($parent_role_ids as $id => $tmp)
891 foreach($sorted_ids as $id)
893 $par = $parent_role_ids[$id];
894 if ($par[
"obj_id"] != SYSTEM_ROLE_ID && $this->object->getId() != $par[
"obj_id"])
896 $output[$key][
"role_id"] = $par[
"obj_id"];
897 $output[$key][
"type"] = ($par[
"type"] ==
'role' ? $this->lng->txt(
'obj_role') : $this->lng->txt(
'obj_rolt'));
899 $output[$key][
"role_desc"] = $par[
"desc"];
905 include_once(
'./Services/AccessControl/classes/class.ilRoleAdoptPermissionTableGUI.php');
908 $tbl->setTitle($this->lng->txt(
"adopt_perm_from_template"));
909 $tbl->setData($output);
911 $this->tpl->setContent($tbl->getHTML());
922 $access = $this->
checkAccess(
'visible,write',
'edit_permission');
925 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->WARNING);
928 $question = $this->lng->txt(
'rbac_role_delete_qst');
929 if($rbacreview->isAssigned(
$ilUser->getId(), $this->object->getId()))
931 $question .= (
'<br />'.$this->lng->txt(
'rbac_role_delete_self'));
935 include_once
'./Services/Utilities/classes/class.ilConfirmationGUI.php';
938 $confirm->setFormAction($this->ctrl->getFormAction($this));
939 $confirm->setHeaderText($question);
940 $confirm->setCancel($this->lng->txt(
'cancel'),
'perm');
941 $confirm->setConfirm($this->lng->txt(
'rbac_delete_role'),
'performDeleteRole');
945 $this->object->getId(),
946 $this->object->getTitle(),
950 $this->tpl->setContent($confirm->getHTML());
963 $access = $this->
checkAccess(
'visible,write',
'edit_permission');
966 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->WARNING);
969 $this->
object->setParent((
int) $this->obj_ref_id);
970 $this->
object->delete();
973 $this->ctrl->returnToParent($this);
986 $access = $this->
checkAccess(
'visible,write',
'edit_permission');
990 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
994 include_once
"Services/AccessControl/classes/class.ilRbacLog.php";
1002 if($this->obj_ref_id == ROLE_FOLDER_ID)
1004 if($a_show_admin_permissions)
1006 $subs =
$objDefinition->getSubObjectsRecursively(
'adm',
true,
true);
1010 $subs =
$objDefinition->getSubObjectsRecursively(
'root',
true,
false);
1018 foreach($subs as $subtype => $def)
1021 $rbacadmin->deleteRolePermission($this->object->getId(),$this->obj_ref_id,$subtype);
1024 if (empty(
$_POST[
"template_perm"]))
1026 $_POST[
"template_perm"] = array();
1029 foreach (
$_POST[
"template_perm"] as $key => $ops_array)
1032 $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->obj_ref_id);
1035 if($rbac_log_active)
1043 $this->
object->update();
1046 if ($this->obj_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id))
1048 $rbacadmin->setProtected($this->obj_ref_id,$this->object->getId(),
ilUtil::tf2yn(
$_POST[
'protected']));
1051 if($a_show_admin_permissions)
1053 $_POST[
'recursive'] =
true;
1057 if(!
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list']))
1060 if($a_show_admin_permissions)
1062 $this->ctrl->redirect($this,
'adminPerm');
1066 $this->ctrl->redirect($this,
'perm');
1076 $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID :
$this->obj_ref_id);
1077 if($a_show_admin_permissions)
1079 $start =
$tree->getParentId($this->obj_ref_id);
1084 $this->
object->changeExistingObjects(
1089 #$a_show_admin_permissions ? array('adm') : array()
1094 $this->
object->changeExistingObjects(
1099 #$a_show_admin_permissions ? array('adm') : array()
1104 if($a_show_admin_permissions)
1106 $this->ctrl->redirect($this,
'adminPerm');
1110 $this->ctrl->redirect($this,
'perm');
1123 global $rbacadmin, $rbacsystem, $rbacreview,
$tree;
1132 $access = $this->
checkAccess(
'visible,write',
'edit_permission');
1135 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
1138 if ($this->object->getId() ==
$_POST[
"adopt"])
1144 $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id);
1145 $parentRoles = $rbacreview->getParentRoleIds($this->obj_ref_id,
true);
1146 $rbacadmin->copyRoleTemplatePermissions(
1148 $parentRoles[
$_POST[
"adopt"]][
"parent"],
1150 $this->object->getId(),
1154 $this->
object->update();
1157 $obj_data =& $this->
ilias->obj_factory->getInstanceByObjId($_POST[
"adopt"]);
1158 ilUtil::sendSuccess($this->lng->txt(
"msg_perm_adopted_from1").
" '".$obj_data->getTitle().
"'.<br/>".
1159 $this->lng->txt(
"msg_perm_adopted_from2"),
true);
1162 $this->ctrl->redirect($this,
"perm");
1172 $this->assignUserObject();
1184 global $rbacreview,$rbacadmin;
1186 if(!$this->
checkAccess(
'edit_userassignment',
'edit_permission'))
1191 if(!$rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id) &&
1192 $this->obj_ref_id != ROLE_FOLDER_ID)
1199 $GLOBALS[
'lng']->loadLanguageModule(
'search');
1204 $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
1207 $assigned_users_new = array_diff($a_user_ids,array_intersect($a_user_ids,$assigned_users_all));
1210 if (count($assigned_users_new) == 0)
1213 $this->ctrl->redirect($this,
'userassignment');
1217 foreach ($assigned_users_new as $user)
1219 $rbacadmin->assignUser($this->object->getId(),$user,
false);
1223 $this->
object->update();
1226 $this->ctrl->redirect($this,
'userassignment');
1236 global $rbacsystem, $rbacadmin, $rbacreview;
1238 if(!$this->
checkAccess(
'edit_userassignment',
'edit_permission'))
1240 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1243 $selected_users = (
$_POST[
"user_id"]) ?
$_POST[
"user_id"] : array(
$_GET[
"user_id"]);
1245 if ($selected_users[0]=== NULL)
1247 $this->
ilias->raiseError($this->lng->txt(
"no_checkbox"),$this->
ilias->error_obj->MESSAGE);
1251 if ($this->object->getId() == SYSTEM_ROLE_ID)
1253 if ($admin = array_search(SYSTEM_USER_ID,$selected_users) !==
false)
1254 unset($selected_users[$admin]);
1258 $last_role = array();
1259 $global_roles = $rbacreview->getGlobalRoles();
1261 foreach ($selected_users as $user)
1263 $assigned_roles = $rbacreview->assignedRoles($user);
1264 $assigned_global_roles = array_intersect($assigned_roles,$global_roles);
1266 if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(),$assigned_global_roles)))
1268 $userObj = $this->
ilias->obj_factory->getInstanceByObjId($user);
1269 $last_role[$user] = $userObj->getFullName();
1276 foreach ($selected_users as $user)
1278 if(!isset($last_role[$user]))
1280 $rbacadmin->deassignUser($this->object->getId(), $user);
1285 $this->
object->update();
1288 if(count($last_role))
1290 $user_list = implode(
", ",$last_role);
1291 ilUtil::sendFailure($this->lng->txt(
'msg_is_last_role').
': '.$user_list.
'<br />'.$this->lng->txt(
'msg_min_one_role'),
true);
1297 $this->ctrl->redirect($this,
'userassignment');
1308 if(!$this->
checkAccess(
'edit_userassignment',
'edit_permission'))
1310 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1313 $this->tabs_gui->setTabActive(
'user_assignment');
1315 $this->tpl->addBlockFile(
'ADM_CONTENT',
'adm_content',
'tpl.rbac_ua.html',
'Services/AccessControl');
1317 include_once
'./Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
1321 include_once
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1323 $this->object->getId() != SYSTEM_ROLE_ID ||
1325 !$rbacreview->isAssigned(
$ilUser->getId(),SYSTEM_ROLE_ID) or
1333 include_once
'./Services/Search/classes/class.ilRepositorySearchGUI.php';
1338 'auto_complete_name' =>
$lng->txt(
'user'),
1339 'submit_name' =>
$lng->txt(
'add')
1350 $this->lng->txt(
'search_user'),
1351 $this->ctrl->getLinkTargetByClass(
'ilRepositorySearchGUI',
'start')
1357 $this->lng->txt(
'role_mailto'),
1358 $this->ctrl->getLinkTarget($this,
'mailToRole')
1360 $this->tpl->setVariable(
'BUTTONS_UA',$tb->getHTML());
1363 include_once
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1364 $role_assignment_editable =
true;
1366 $this->object->getId() == SYSTEM_ROLE_ID &&
1369 $role_assignment_editable =
false;
1372 include_once
'./Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
1375 $this->tpl->setVariable(
'TABLE_UA',$ut->getHTML());
1388 if (
$_GET[
"new_type"] !=
"role")
1390 $this->ctrl->redirect($this,
"userassignment");
1394 $this->ctrl->redirectByClass(
"ilobjrolefoldergui",
"view");
1401 global $rbacsystem,$rbacreview;
1405 if (!is_array(
$_POST[
"role"]))
1408 $this->searchObject();
1413 $this->tpl->addBlockFile(
"ADM_CONTENT",
"adm_content",
"tpl.role_usr_selection.html",
"Services/AccessControl");
1414 $this->
__showButton(
"searchUserForm",$this->lng->txt(
"role_new_search"));
1419 foreach (
$_POST[
"role"] as $role_id)
1421 $members = array_merge($rbacreview->assignedUsers($role_id),$members);
1424 $members = array_unique($members);
1428 $f_result = array();
1430 foreach($members as $user)
1437 $user_ids[$counter] = $user;
1441 $f_result[$counter][] = $tmp_obj->getLogin();
1442 $f_result[$counter][] = $tmp_obj->getFirstname();
1443 $f_result[$counter][] = $tmp_obj->getLastname();
1449 $this->__showSearchUserTable($f_result,$user_ids,
"listUsersRole");
1460 foreach ($a_path_arr as
$data)
1470 if (strlen(
$path) > 50)
1472 return '...'.substr(
$path,-50);
1481 $this->tpl->addBlockFile(
"CONTENT",
"content",
"tpl.adm_content.html");
1482 $this->tpl->addBlockFile(
"STATUSLINE",
"statusline",
"tpl.statusline.html");
1502 $this->tpl->setTitle($this->lng->txt(
'role'));
1503 $this->tpl->setDescription($this->object->getTitle());
1506 $this->
getTabs($this->tabs_gui);
1515 $this->tpl->addBlockFile(
"LOCATOR",
"locator",
"tpl.locator.html",
"Services/Locator");
1519 foreach (
$tree->getPathFull($this->obj_ref_id) as $key =>
$row)
1523 $this->tpl->touchBlock(
'locator_separator_prefix');
1526 $this->tpl->setCurrentBlock(
"locator_item");
1528 if (
$row[
"type"] ==
'rolf')
1530 $this->tpl->setVariable(
"ITEM",$this->object->getTitle());
1531 $this->tpl->setVariable(
"LINK_ITEM",$this->ctrl->getLinkTarget($this));
1533 elseif (
$row[
"child"] !=
$tree->getRootId())
1535 $ilCtrl->setParameterByClass(
"ilrepositorygui",
"ref_id",
$row[
"child"]);
1536 $this->tpl->setVariable(
"ITEM",
$row[
"title"]);
1537 $this->tpl->setVariable(
"LINK_ITEM",
1538 $ilCtrl->getLinkTargetByClass(
"ilrepositorygui",
""));
1542 $ilCtrl->setParameterByClass(
"ilrepositorygui",
"ref_id",
$row[
"child"]);
1543 $this->tpl->setVariable(
"ITEM", $this->lng->txt(
"repository"));
1544 $this->tpl->setVariable(
"LINK_ITEM",
1545 $ilCtrl->getLinkTargetByClass(
"ilrepositorygui",
""));
1547 $ilCtrl->setParameterByClass(
"ilrepositorygui",
"ref_id",
$_GET[
"ref_id"]);
1549 $this->tpl->parseCurrentBlock();
1552 $this->tpl->setVariable(
"TXT_LOCATOR",$this->lng->txt(
"locator"));
1553 $this->tpl->parseCurrentBlock();
1564 if (
$_GET[
"admin_mode"] ==
"settings"
1565 &&
$_GET[
"ref_id"] == ROLE_FOLDER_ID)
1567 parent::addAdminLocatorItems(
true);
1569 $ilLocator->addItem($this->lng->txt(
"obj_".ilObject::_lookupType(
1571 $this->ctrl->getLinkTargetByClass(
"ilobjrolefoldergui",
"view"));
1573 if (
$_GET[
"obj_id"] > 0)
1575 $ilLocator->addItem($this->object->getTitle(),
1576 $this->ctrl->getLinkTarget($this,
"view"));
1590 global $rbacsystem,$rbacreview, $ilHelp;
1592 $base_role_container = $rbacreview->getFoldersAssignedToRole($this->object->getId(),
true);
1595 $activate_role_edit =
false;
1599 if (in_array($this->obj_ref_id,$base_role_container) ||
1600 (strtolower(
$_GET[
"baseClass"]) ==
"iladministrationgui" &&
1601 $_GET[
"admin_mode"] ==
"settings"))
1603 $activate_role_edit =
true;
1607 $tabs_gui->clearTargets();
1609 $ilHelp->setScreenIdComponent(
"role");
1611 if ($this->back_target !=
"")
1613 $tabs_gui->setBackTarget(
1614 $this->back_target[
"text"],$this->back_target[
"link"]);
1617 if($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit)
1619 $tabs_gui->addTarget(
"edit_properties",
1620 $this->ctrl->getLinkTarget($this,
"edit"), array(
"edit",
"update"), get_class($this));
1636 $tabs_gui->addTarget(
1637 "default_perm_settings",
1638 $this->ctrl->getLinkTarget($this,
"perm"), array(),get_class($this)
1642 if($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
1644 $tabs_gui->addTarget(
"user_assignment",
1645 $this->ctrl->getLinkTarget($this,
"userassignment"),
1646 array(
"deassignUser",
"userassignment",
"assignUser",
"searchUserForm",
"search"),
1650 if($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
1652 $tabs_gui->addTarget(
"desktop_items",
1653 $this->ctrl->getLinkTarget($this,
"listDesktopItems"),
1654 array(
"listDesktopItems",
"deleteDesktopItems",
"selectDesktopItem",
"askDeleteDesktopItem"),
1659 $tabs_gui->addTarget(
1661 $this->ctrl->getLinkTargetByClass(
'ilExportGUI'),
1673 if(count($obj_ids) > 1)
1675 $_SESSION[
'mail_roles'][] =
'#il_role_'.$this->object->getId();
1679 $_SESSION[
'mail_roles'][] = $rbacreview->getRoleMailboxAddress($this->object->getId());
1682 require_once
'Services/Mail/classes/class.ilMailFormCall.php';
1689 global $rbacsystem,$ilAccess;
1691 $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
1693 if($this->obj_ref_id == ROLE_FOLDER_ID)
1695 return $rbacsystem->checkAccess($a_perm_global,$this->obj_ref_id);
1699 return $ilAccess->checkAccess($a_perm_obj,
'',$this->obj_ref_id);
1711 if(!(
int)
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list']))
1717 if($rbacreview->isProtected($this->obj_ref_id, $this->object->getId()))
1721 return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1727 return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1737 $protected =
$_POST[
'protected'];
1739 include_once
'./Services/Form/classes/class.ilPropertyFormGUI.php';
1741 $form->setFormAction($this->ctrl->getFormAction($this,
'changeExistingObjects'));
1742 $form->setTitle($this->lng->txt(
'rbac_change_existing_confirm_tbl'));
1744 $form->addCommandButton(
'changeExistingObjects', $this->lng->txt(
'change_existing_objects'));
1745 $form->addCommandButton(
'perm',$this->lng->txt(
'cancel'));
1750 serialize(array(
'all')) :
1751 serialize(
$_POST[
'recursive_list'])
1753 $form->addItem($hidden);
1761 $this->lng->txt(
'rbac_keep_local_policies'),
1763 $this->lng->txt(
'rbac_keep_local_policies_info')
1770 $this->lng->txt(
'rbac_keep_local_policies'),
1772 $this->lng->txt(
'rbac_unprotected_keep_local_policies_info')
1776 $rad->addOption($keep);
1781 $this->lng->txt(
'rbac_delete_local_policies'),
1783 $this->lng->txt(
'rbac_delete_local_policies_info')
1789 $this->lng->txt(
'rbac_delete_local_policies'),
1791 $this->lng->txt(
'rbac_unprotected_delete_local_policies_info')
1794 $rad->addOption($del);
1796 $form->addItem($rad);
1797 $this->tpl->setContent($form->getHTML());
1806 global
$tree,$rbacreview,$rbacadmin;
1808 $mode = (int)
$_POST[
'mode'];
1809 $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID :
$this->obj_ref_id);
1814 $this->ctrl->redirect($this,
'perm');
1828 case 'default_perm_settings':
1829 if($this->obj_ref_id != ROLE_FOLDER_ID)
1833 $ilTabs->addSubTabTarget(
1834 'rbac_repository_permissions',
1835 $this->ctrl->getLinkTarget($this,
'perm')
1837 $ilTabs->addSubTabTarget(
1838 'rbac_admin_permissions',
1839 $this->ctrl->getLinkTarget($this,
'adminPerm')
const USER_FOLDER_ID
Class ilObjUserFolder.
Accordion user interface class.
TableGUI class for role administration.
Confirmation screen class.
static _isActive()
Static getter.
static _isPersonalWorkspaceActive()
Static getter.
Export User Interface Class.
static newInstance($a_export_id)
Create new instance.
static allocateExportId()
Allocate a new export id.
This class represents a non editable value in a property form.
editObject()
Edit role properties.
performDeleteRoleObject()
Delete role.
saveObject()
Save new role.
updateObject()
Save role settings.
__formatPath($a_path_arr)
initFormRoleProperties($a_mode)
Create role prperty form.
userassignmentObject()
display user assignment panel
showChangeExistingObjectsConfirmation()
Show confirmation screen.
__construct($a_data, $a_id, $a_call_by_reference=false, $a_prepare_output=true)
Constructor @access public.
setBackTarget($a_text, $a_link)
set back tab target
readRoleProperties(ilObjRole $role)
Read role properties and write them to form.
deassignUserObject()
de-assign users from role
permObject($a_show_admin_permissions=false)
Show template permissions.
loadRoleProperties(ilObjRole $role)
Store form input in role object.
assignSaveObject()
wrapper for renamed function
permSaveObject($a_show_admin_permissions=false)
save permissions
& executeCommand()
execute command
getParentType()
get type of current object (not role folder)
getContainerType()
Get type of role container.
getTabs(&$tabs_gui)
get tabs abstract method.
deleteDesktopItemsObject()
addUserObject($a_user_ids)
Assign user (callback from ilRepositorySearchGUI)
checkAccess($a_perm_global, $a_perm_obj='')
cancelObject()
cancelObject is called when an operation is canceled, method links back @access public
showDefaultPermissionSettings()
check if default permissions are shown or not
adminPermObject()
Show administration permissions.
assignDesktopItemObject()
adminPermSaveObject()
Save admin permissions.
addAdminLocatorItems()
should be overwritten to add object specific items (repository items are preloaded)
checkDuplicate($a_role_id=0)
Check if role with same name already exists in this folder.
confirmDeleteRoleObject()
Show delete confirmation screen.
createObject()
Only called from administration -> role folder ? Otherwise this check access is wrong.
getParentRefId()
Get ref id of current object (not role folder id)
isChangeExistingObjectsConfirmationRequired()
Check if a confirmation about further settings is required or not.
adoptPermSaveObject()
copy permissions from role
selectDesktopItemObject()
getParentObjId()
Get obj_id of current object.
setSubTabs($a_tab)
Set sub tabs.
getAdminTabs(&$tabs_gui)
admin and normal tabs are equal for roles
changeExistingObjectsObject()
Change existing objects.
askDeleteDesktopItemObject()
setAllowRegister($a_allow_register)
set allow_register of role
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
getPersonalWorkspaceDiskQuota()
getAllowRegister()
get allow_register
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
static isAutoGenerated($a_role_id)
toggleAssignUsersStatus($a_assign_users)
setDiskQuota($a_disk_quota)
_getTranslation($a_role_title)
setPersonalWorkspaceDiskQuota($a_disk_quota)
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Class ilObjectGUI Basic methods of all Output classes.
__showButton($a_cmd, $a_text, $a_target='')
ilObjectGUI($a_data, $a_id=0, $a_call_by_reference=true, $a_prepare_output=true)
Constructor @access public.
prepareOutput()
prepare output
Table for object role permissions.
Table for object role permissions.
static _lookupObjId($a_id)
setTitle($a_title)
set object title
setDescription($a_desc)
set object description
getDescription()
get object description
getId()
get object id @access public
static _lookupType($a_id, $a_reference=false)
lookup object type
static _getIdsForTitle($title, $type='', $partialmatch=false)
getTitle()
get object title @access public
static lookupTxt($a_mod_prefix, $a_pl_id, $a_lang_var)
Lookup language text.
This class represents an option in a radio group.
static diffTemplate(array $a_old, array $a_new)
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
static gatherTemplate($a_role_ref_id, $a_role_id)
static fillAutoCompleteToolbar($parent_object, ilToolbarGUI $toolbar=null, $a_options=array())
fill toolbar with
Copyright (c) 1998-2015 ILIAS open source, Extended GPL, see docs/LICENSE Date: 07....
static _getInstance()
Get instance of ilSecuritySettings.
This class represents a text area property in a property form.
This class represents a text property in a property form.
static formCheckbox($checked, $varname, $value, $disabled=false)
??? @access public
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
static sendQuestion($a_info="", $a_keep=false)
Send Question to Screen.
static tf2yn($a_tf)
convert true/false to "y"/"n"
static sortArray($array, $a_array_sortby, $a_array_sortorder=0, $a_numeric=false, $a_keep_keys=false)
sortArray
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
static redirect($a_script)
http redirect to other script
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static switchColor($a_num, $a_css1, $a_css2)
switches style sheets for each even $a_num (used for changing colors of different result rows)
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
static infoPanel($a_keep=true)
redirection script todo: (a better solution should control the processing via a xml file)
if($_REQUEST['ilias_path']) define('ILIAS_HTTP_PATH' $_REQUEST['ilias_path']
if(!is_array($argv)) $options