4include_once 
"./Services/Object/classes/class.ilObjectGUI.php";
 
    5include_once 
'./Services/AccessControl/classes/class.ilObjRole.php';
 
   46        function __construct($a_data,$a_id,$a_call_by_reference = 
false,$a_prepare_output = 
true)
 
   50                $lng->loadLanguageModule(
'rbac');
 
   53                define(
"USER_FOLDER_ID",7);
 
   69                $this->
ilObjectGUI($a_data,$a_id,$a_call_by_reference,
false);
 
   70                $this->ctrl->saveParameter($this, array(
'obj_id', 
'rolf_ref_id'));
 
   80                $next_class = $this->ctrl->getNextClass($this);
 
   81                $cmd = $this->ctrl->getCmd();
 
   85                        case 'ilrepositorysearchgui':
 
   91                                include_once(
'./Services/Search/classes/class.ilRepositorySearchGUI.php');
 
   93                                $rep_search->setTitle($this->lng->txt(
'role_add_user'));
 
   94                                $rep_search->setCallback($this,
'addUserObject');
 
   97                                $this->tabs_gui->setTabActive(
'user_assignment');
 
   98                                $this->ctrl->setReturn($this,
'userassignment');
 
   99                                $ret =& $this->ctrl->forwardCommand($rep_search);
 
  104                                $this->tabs_gui->setTabActive(
'export');
 
  106                                include_once 
'./Services/Export/classes/class.ilExportOptions.php';
 
  110                                include_once 
'./Services/Export/classes/class.ilExportGUI.php';
 
  112                                $exp->addFormat(
'xml');
 
  113                                $this->ctrl->forwardCommand($exp);
 
  125                                                $cmd = 
'userassignment';
 
  169                $this->back_target = array(
"text" => $a_text,
 
  175                return $this->back_target ? $this->back_target : array();
 
  209                global $rbacsystem,$rbacreview,
$tree;
 
  212                if(!$rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id) &&
 
  213                        $this->obj_ref_id != ROLE_FOLDER_ID)
 
  220                include_once 
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
 
  225                        $this->
__showButton(
'selectDesktopItem',$this->lng->txt(
'role_desk_add'));
 
  227                if(!count($items = $role_desk_item_obj->getAll()))
 
  232                $this->tpl->addBlockFile(
"ADM_CONTENT", 
"adm_content", 
"tpl.role_desktop_item_list.html", 
"Services/AccessControl");
 
  233                $this->tpl->setVariable(
"FORMACTION",$this->ctrl->getFormAction($this));
 
  235                $this->tpl->setVariable(
"TBL_TITLE_IMG_ALT",$this->lng->txt(
'obj_role'));
 
  236                $this->tpl->setVariable(
"TBL_TITLE",$this->lng->txt(
'role_assigned_desk_items').
' ('.$this->object->getTitle().
')');
 
  237                $this->tpl->setVariable(
"HEADER_DESC",$this->lng->txt(
'description'));
 
  238                $this->tpl->setVariable(
"BTN_DELETE",$this->lng->txt(
'delete'));
 
  243                foreach($items as $role_item_id => $item)
 
  247                        if(strlen($desc = $tmp_obj->getDescription()))
 
  249                                $this->tpl->setCurrentBlock(
"description");
 
  250                                $this->tpl->setVariable(
"DESCRIPTION_DESK",$desc);
 
  251                                $this->tpl->parseCurrentBlock();
 
  253                        $this->tpl->setCurrentBlock(
"desk_row");
 
  254                        $this->tpl->setVariable(
"DESK_TITLE",$tmp_obj->getTitle());
 
  256                        $this->tpl->setVariable(
"CHECK_DESK",ilUtil::formCheckBox(0,
'del_desk_item[]',$role_item_id));
 
  257                        $this->tpl->setVariable(
"TXT_PATH",$this->lng->txt(
'path').
':');
 
  258                        $this->tpl->setVariable(
"PATH",$this->
__formatPath($tree->getPathFull($item[
'item_id'])));
 
  259                        $this->tpl->parseCurrentBlock();
 
  272                        $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
 
  274                if(!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
 
  276                        $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
 
  278                if(!count(
$_POST[
'del_desk_item']))
 
  288                $this->tpl->addBlockFile(
"ADM_CONTENT", 
"adm_content", 
"tpl.role_ask_delete_desktop_item.html", 
"Services/AccessControl");
 
  289                $this->tpl->setVariable(
"FORMACTION",$this->ctrl->getFormAction($this));
 
  291                $this->tpl->setVariable(
"TBL_TITLE_IMG_ALT",$this->lng->txt(
'obj_role'));
 
  292                $this->tpl->setVariable(
"TBL_TITLE",$this->lng->txt(
'role_assigned_desk_items').
' ('.$this->object->getTitle().
')');
 
  293                $this->tpl->setVariable(
"HEADER_DESC",$this->lng->txt(
'description'));
 
  294                $this->tpl->setVariable(
"BTN_DELETE",$this->lng->txt(
'delete'));
 
  295                $this->tpl->setVariable(
"BTN_CANCEL",$this->lng->txt(
'cancel'));
 
  297                include_once 
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
 
  303                foreach(
$_POST[
'del_desk_item'] as $role_item_id)
 
  305                        $item_data = $role_desk_item_obj->getItem($role_item_id);
 
  308                        if(strlen($desc = $tmp_obj->getDescription()))
 
  310                                $this->tpl->setCurrentBlock(
"description");
 
  311                                $this->tpl->setVariable(
"DESCRIPTION_DESK",$desc);
 
  312                                $this->tpl->parseCurrentBlock();
 
  314                        $this->tpl->setCurrentBlock(
"desk_row");
 
  315                        $this->tpl->setVariable(
"DESK_TITLE",$tmp_obj->getTitle());
 
  317                        $this->tpl->parseCurrentBlock();
 
  331                        $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
 
  334                if (!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
 
  336                        $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
 
  339                if (!count(
$_SESSION[
'role_del_desk_items']))
 
  348                include_once 
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
 
  352                foreach (
$_SESSION[
'role_del_desk_items'] as $role_item_id)
 
  354                        $role_desk_item_obj->delete($role_item_id);
 
  366                global $rbacsystem,
$tree;
 
  368                include_once 
'Services/AccessControl/classes/class.ilRoleDesktopItemSelector.php';
 
  369                include_once 
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
 
  371                if(!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
 
  373                        #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
 
  379                $this->tpl->addBlockFile(
"ADM_CONTENT", 
"adm_content", 
"tpl.role_desktop_item_selector.html", 
"Services/AccessControl");
 
  380                $this->
__showButton(
'listDesktopItems',$this->lng->txt(
'back'));
 
  386                $exp->setExpand(
$_GET[
"role_desk_item_link_expand"] ? 
$_GET[
"role_desk_item_link_expand"] : 
$tree->readRootId());
 
  387                $exp->setExpandTarget($this->ctrl->getLinkTarget($this,
'selectDesktopItem'));
 
  391                $output = $exp->getOutput();
 
  392                $this->tpl->setVariable(
"EXPLORER",$output);
 
  402                if (!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
 
  404                        $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
 
  409                if (!isset(
$_GET[
'item_id']))
 
  417                include_once 
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
 
  424                $this->ctrl->redirect($this,
'listDesktopItems');
 
  435                include_once 
'./Services/Form/classes/class.ilPropertyFormGUI.php';
 
  438                if($this->creation_mode)
 
  440                        $this->ctrl->setParameter($this, 
"new_type", 
'role');
 
  442                $this->form->setFormAction($this->ctrl->getFormAction($this));
 
  447                                $this->form->setTitle($this->lng->txt(
'role_new'));
 
  448                                $this->form->addCommandButton(
'save',$this->lng->txt(
'role_new'));
 
  452                                $this->form->setTitle($this->lng->txt(
'role_edit'));
 
  453                                $this->form->addCommandButton(
'update', $this->lng->txt(
'save'));
 
  460                $this->form->addCommandButton(
'cancel', $this->lng->txt(
'cancel'));
 
  465                        $title->setDisabled(
true);
 
  470                        $title->setValidationRegexp(
'/^(?!il_).*$/');
 
  471                        $title->setValidationFailureMessage($this->lng->txt(
'msg_role_reserved_prefix'));
 
  475                $title->setMaxLength(70);
 
  476                $title->setRequired(
true);
 
  477                $this->form->addItem($title);
 
  482                        $desc->setDisabled(
true);
 
  486                $this->form->addItem($desc);
 
  488                if($a_mode != self::MODE_LOCAL_CREATE && $a_mode != self::MODE_GLOBAL_CREATE)
 
  491                        $this->form->addItem($ilias_id);
 
  494                if($this->obj_ref_id == ROLE_FOLDER_ID)
 
  498                        #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info')); 
  499                        $this->form->addItem($reg);
 
  503                        #$la->setInfo($this->lng->txt('rbac_local_admin_info')); 
  504                        $this->form->addItem($la);
 
  509                #$pro->setInfo($this->lng->txt('role_protext_permission_info')); 
  510                $this->form->addItem($pro);
 
  512                include_once 
'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
 
  516                        $quo->setMinValue(0);
 
  518                        $quo->setInfo($this->lng->txt(
'enter_in_mb_desc').
'<br />'.$this->lng->txt(
'disk_quota_on_role_desc'));
 
  519                        $this->form->addItem($quo);
 
  523                        $this->lng->loadLanguageModule(
"file");
 
  524                        $wquo = 
new ilNumberInputGUI($this->lng->txt(
'personal_workspace_disk_quota'),
'wsp_disk_quota');
 
  525                        $wquo->setMinValue(0);
 
  527                        $wquo->setInfo($this->lng->txt(
'enter_in_mb_desc').
'<br />'.$this->lng->txt(
'disk_quota_on_role_desc'));
 
  528                        $this->form->addItem($wquo);
 
  542                if(!$this->form->getItemByPostVar(
'title')->getDisabled())
 
  544                        $role->
setTitle($this->form->getInput(
'title'));
 
  547                if(!$this->form->getItemByPostVar(
'desc')->getDisabled())
 
  567                include_once 
'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
 
  582                $data[
'pro'] = $rbacreview->isProtected($this->obj_ref_id, $role->
getId());
 
  584                $this->form->setValuesByArray(
$data);
 
  599                if(!$rbacsystem->checkAccess(
'create_role',$this->obj_ref_id))
 
  601                        $ilErr->raiseError($this->lng->txt(
'permission_denied'),
$ilErr->MESSAGE);
 
  605                $this->tpl->setContent($this->form->getHTML());
 
  618                        $ilErr->raiseError($this->lng->txt(
"msg_no_perm_write"),
$ilErr->MESSAGE);
 
  622                if($this->object->getId() != SYSTEM_ROLE_ID)
 
  624                        $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
 
  625                        if($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id))
 
  627                                $ilToolbar->addButton(
 
  628                                        $this->lng->txt(
'rbac_delete_role'),
 
  629                                        $this->ctrl->getLinkTarget($this,
'confirmDeleteRole')
 
  636                $this->tpl->setContent($this->form->getHTML());
 
  646                global $rbacadmin,$rbacreview;
 
  649                if($this->form->checkInput() and !$this->checkDuplicate())
 
  651                        include_once 
'./Services/AccessControl/classes/class.ilObjRole.php';
 
  653                        $this->role->create();
 
  654                        $rbacadmin->assignRoleToFolder($this->role->getId(), $this->obj_ref_id,
'y');
 
  655                        $rbacadmin->setProtected(
 
  657                                $this->role->getId(),
 
  658                                $this->form->getInput(
'pro') ? 
'y' : 
'n' 
  661                        $this->ctrl->setParameter($this,
'obj_id',$this->role->getId());
 
  662                        $this->ctrl->redirect($this,
'perm');
 
  666                $this->form->setValuesByPost();
 
  667                $this->tpl->setContent($this->form->getHTML());
 
  690                if($this->form->checkInput() and !$this->checkDuplicate($this->object->getId()))
 
  692                        include_once 
'./Services/AccessControl/classes/class.ilObjRole.php';
 
  694                        $this->
object->update();
 
  695                        $rbacadmin->setProtected(
 
  697                                $this->object->getId(),
 
  698                                $this->form->getInput(
'pro') ? 
'y' : 
'n' 
  701                        $this->ctrl->redirect($this,
'edit');
 
  705                $this->form->setValuesByPost();
 
  706                $this->tpl->setContent($this->form->getHTML());
 
  714        protected function permObject($a_show_admin_permissions = 
false)
 
  718                $ilTabs->setTabActive(
'default_perm_settings');
 
  722                if($a_show_admin_permissions)
 
  724                        $ilTabs->setSubTabActive(
'rbac_admin_permissions');
 
  728                        $ilTabs->setSubTabActive(
'rbac_repository_permissions');        
 
  733                        $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->MESSAGE);
 
  738                if($this->object->getId() != SYSTEM_ROLE_ID)
 
  740                        $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
 
  741                        $ilToolbar->addButton(
 
  742                                $this->lng->txt(
"adopt_perm_from_template"),
 
  743                                $this->ctrl->getLinkTarget($this,
'adoptPerm')
 
  745                        if($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id))
 
  747                                $ilToolbar->addButton(
 
  748                                        $this->lng->txt(
'rbac_delete_role'),
 
  749                                        $this->ctrl->getLinkTarget($this,
'confirmDeleteRole')
 
  754                $this->tpl->addBlockFile(
 
  757                        'tpl.rbac_template_permissions.html',
 
  758                        'Services/AccessControl' 
  761                $this->tpl->setVariable(
'PERM_ACTION',$this->ctrl->getFormAction($this));
 
  763                include_once 
'./Services/Accordion/classes/class.ilAccordionGUI.php';
 
  768                if($this->obj_ref_id == ROLE_FOLDER_ID)
 
  770                        if($a_show_admin_permissions)
 
  772                                $subs = 
$objDefinition->getSubObjectsRecursively(
'adm',
true,
true);
 
  776                                $subs = 
$objDefinition->getSubObjectsRecursively(
'root',
true,$a_show_admin_permissions);
 
  785                foreach($subs as $subtype => $def)
 
  793                                $translation = $this->lng->txt(
"obj_".$subtype);
 
  797                                $translation = $this->lng->txt(
'objs_'.$subtype);
 
  800                        $sorted[$subtype] = $def;
 
  801                        $sorted[$subtype][
'translation'] = $translation;
 
  806                foreach($sorted as $subtype => $def)
 
  814                                $translation = $this->lng->txt(
"obj_".$subtype);
 
  818                                $translation = $this->lng->txt(
'objs_'.$subtype);
 
  821                        include_once 
'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
 
  826                                $this->object->getId(),
 
  828                                $a_show_admin_permissions
 
  832                        $acc->addItem($translation, $tbl->getHTML());
 
  835                $this->tpl->setVariable(
'ACCORDION',$acc->getHTML());
 
  838                include_once 
'./Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
 
  843                        $this->object->getId(),
 
  844                        $a_show_admin_permissions
 
  846                if($this->object->getId() != SYSTEM_ROLE_ID)
 
  849                                $a_show_admin_permissions ? 
'adminPermSave' : 
'permSave',
 
  850                                $this->lng->txt(
'save')
 
  855                $this->tpl->setVariable(
'OPTIONS_TABLE',
$options->getHTML());
 
  882                $parent_role_ids = $rbacreview->getParentRoleIds($this->obj_ref_id,
true);
 
  884                foreach($parent_role_ids as $id => $tmp)
 
  891                foreach($sorted_ids as $id)
 
  893                        $par = $parent_role_ids[$id];
 
  894                        if ($par[
"obj_id"] != SYSTEM_ROLE_ID && $this->object->getId() != $par[
"obj_id"])
 
  896                                $output[$key][
"role_id"] = $par[
"obj_id"];
 
  897                                $output[$key][
"type"] = ($par[
"type"] == 
'role' ? $this->lng->txt(
'obj_role') : $this->lng->txt(
'obj_rolt'));
 
  899                                $output[$key][
"role_desc"] = $par[
"desc"];
 
  905                include_once(
'./Services/AccessControl/classes/class.ilRoleAdoptPermissionTableGUI.php');
 
  908                $tbl->setTitle($this->lng->txt(
"adopt_perm_from_template"));
 
  909                $tbl->setData($output);
 
  911                $this->tpl->setContent($tbl->getHTML());
 
  922                $access = $this->
checkAccess(
'visible,write',
'edit_permission');
 
  925                        $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->WARNING);
 
  928                $question = $this->lng->txt(
'rbac_role_delete_qst');
 
  929                if($rbacreview->isAssigned(
$ilUser->getId(), $this->object->getId()))
 
  931                        $question .= (
'<br />'.$this->lng->txt(
'rbac_role_delete_self'));
 
  935                include_once 
'./Services/Utilities/classes/class.ilConfirmationGUI.php';
 
  938                $confirm->setFormAction($this->ctrl->getFormAction($this));
 
  939                $confirm->setHeaderText($question);
 
  940                $confirm->setCancel($this->lng->txt(
'cancel'), 
'perm');
 
  941                $confirm->setConfirm($this->lng->txt(
'rbac_delete_role'), 
'performDeleteRole');
 
  945                        $this->object->getId(),
 
  946                        $this->object->getTitle(),
 
  950                $this->tpl->setContent($confirm->getHTML());
 
  963                $access = $this->
checkAccess(
'visible,write',
'edit_permission');
 
  966                        $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->WARNING);
 
  969                $this->
object->setParent((
int) $this->obj_ref_id);
 
  970                $this->
object->delete();
 
  973                $this->ctrl->returnToParent($this);
 
  986                $access = $this->
checkAccess(
'visible,write',
'edit_permission');
 
  990                        $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
 
  994                include_once 
"Services/AccessControl/classes/class.ilRbacLog.php";
 
 1002                if($this->obj_ref_id == ROLE_FOLDER_ID)
 
 1004                        if($a_show_admin_permissions)
 
 1006                                $subs = 
$objDefinition->getSubObjectsRecursively(
'adm',
true,
true);
 
 1010                                $subs = 
$objDefinition->getSubObjectsRecursively(
'root',
true,
false);
 
 1018                foreach($subs as $subtype => $def)
 
 1021                        $rbacadmin->deleteRolePermission($this->object->getId(),$this->obj_ref_id,$subtype);
 
 1024                if (empty(
$_POST[
"template_perm"]))
 
 1026                        $_POST[
"template_perm"] = array();
 
 1029                foreach (
$_POST[
"template_perm"] as $key => $ops_array)
 
 1032                        $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->obj_ref_id);
 
 1035                if($rbac_log_active)
 
 1043                $this->
object->update();
 
 1046                if ($this->obj_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id))
 
 1048                        $rbacadmin->setProtected($this->obj_ref_id,$this->object->getId(),
ilUtil::tf2yn(
$_POST[
'protected']));
 
 1051                if($a_show_admin_permissions)
 
 1053                        $_POST[
'recursive'] = 
true;
 
 1057                if(!
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list']))
 
 1060                        if($a_show_admin_permissions)
 
 1062                                $this->ctrl->redirect($this,
'adminPerm');
 
 1066                                $this->ctrl->redirect($this,
'perm');
 
 1076                $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : 
$this->obj_ref_id);
 
 1077                if($a_show_admin_permissions)
 
 1079                        $start = 
$tree->getParentId($this->obj_ref_id);
 
 1084                        $this->
object->changeExistingObjects(
 
 1089                                #$a_show_admin_permissions ? array('adm') : array() 
 1094                        $this->
object->changeExistingObjects(
 
 1099                                #$a_show_admin_permissions ? array('adm') : array() 
 1104                if($a_show_admin_permissions)
 
 1106                        $this->ctrl->redirect($this,
'adminPerm');
 
 1110                        $this->ctrl->redirect($this,
'perm');
 
 1123                global $rbacadmin, $rbacsystem, $rbacreview, 
$tree;
 
 1132                $access = $this->
checkAccess(
'visible,write',
'edit_permission');
 
 1135                        $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
 
 1138                if ($this->object->getId() == 
$_POST[
"adopt"])
 
 1144                        $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id);
 
 1145                        $parentRoles = $rbacreview->getParentRoleIds($this->obj_ref_id,
true);
 
 1146                        $rbacadmin->copyRoleTemplatePermissions(
 
 1148                                $parentRoles[
$_POST[
"adopt"]][
"parent"],
 
 1150                                $this->object->getId(),
 
 1154                        $this->
object->update();
 
 1157                        $obj_data =& $this->
ilias->obj_factory->getInstanceByObjId($_POST[
"adopt"]);
 
 1158                        ilUtil::sendSuccess($this->lng->txt(
"msg_perm_adopted_from1").
" '".$obj_data->getTitle().
"'.<br/>".
 
 1159                                         $this->lng->txt(
"msg_perm_adopted_from2"),
true);
 
 1162                $this->ctrl->redirect($this, 
"perm");
 
 1172        $this->assignUserObject();
 
 1184                global $rbacreview,$rbacadmin;
 
 1186                if(!$this->
checkAccess(
'edit_userassignment',
'edit_permission'))
 
 1191                if(!$rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id) &&
 
 1192                        $this->obj_ref_id != ROLE_FOLDER_ID)
 
 1199                        $GLOBALS[
'lng']->loadLanguageModule(
'search');
 
 1204                $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
 
 1207                $assigned_users_new = array_diff($a_user_ids,array_intersect($a_user_ids,$assigned_users_all));
 
 1210        if (count($assigned_users_new) == 0)
 
 1213                        $this->ctrl->redirect($this,
'userassignment');
 
 1217        foreach ($assigned_users_new as $user)
 
 1219                        $rbacadmin->assignUser($this->object->getId(),$user,
false);
 
 1223                $this->
object->update();
 
 1226                $this->ctrl->redirect($this,
'userassignment');
 
 1236        global $rbacsystem, $rbacadmin, $rbacreview;
 
 1238                if(!$this->
checkAccess(
'edit_userassignment',
'edit_permission'))
 
 1240                        $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
 
 1243        $selected_users = (
$_POST[
"user_id"]) ? 
$_POST[
"user_id"] : array(
$_GET[
"user_id"]);
 
 1245                if ($selected_users[0]=== NULL)
 
 1247                        $this->
ilias->raiseError($this->lng->txt(
"no_checkbox"),$this->
ilias->error_obj->MESSAGE);
 
 1251                if ($this->object->getId() == SYSTEM_ROLE_ID)
 
 1253            if ($admin = array_search(SYSTEM_USER_ID,$selected_users) !== 
false)
 
 1254                            unset($selected_users[$admin]);
 
 1258                $last_role = array();
 
 1259                $global_roles = $rbacreview->getGlobalRoles();
 
 1261                foreach ($selected_users as $user)
 
 1263                        $assigned_roles = $rbacreview->assignedRoles($user);
 
 1264                        $assigned_global_roles = array_intersect($assigned_roles,$global_roles);
 
 1266                        if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(),$assigned_global_roles)))
 
 1268                                $userObj = $this->
ilias->obj_factory->getInstanceByObjId($user);
 
 1269                                $last_role[$user] = $userObj->getFullName();
 
 1276                foreach ($selected_users as $user)
 
 1278                        if(!isset($last_role[$user]))
 
 1280                                $rbacadmin->deassignUser($this->object->getId(), $user);
 
 1285                $this->
object->update();
 
 1288                if(count($last_role))
 
 1290                        $user_list = implode(
", ",$last_role);
 
 1291                        ilUtil::sendFailure($this->lng->txt(
'msg_is_last_role').
': '.$user_list.
'<br />'.$this->lng->txt(
'msg_min_one_role'),
true);
 
 1297                $this->ctrl->redirect($this,
'userassignment');
 
 1308                if(!$this->
checkAccess(
'edit_userassignment',
'edit_permission'))
 
 1310                        $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
 
 1313                $this->tabs_gui->setTabActive(
'user_assignment');
 
 1315                $this->tpl->addBlockFile(
'ADM_CONTENT',
'adm_content',
'tpl.rbac_ua.html',
'Services/AccessControl');
 
 1317                include_once 
'./Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
 
 1321                include_once 
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
 
 1323                        $this->object->getId() != SYSTEM_ROLE_ID ||
 
 1325                                        !$rbacreview->isAssigned(
$ilUser->getId(),SYSTEM_ROLE_ID) or
 
 1333                        include_once 
'./Services/Search/classes/class.ilRepositorySearchGUI.php';
 
 1338                                        'auto_complete_name'    => 
$lng->txt(
'user'),
 
 1339                                        'submit_name'                   => 
$lng->txt(
'add')
 
 1350                                $this->lng->txt(
'search_user'),
 
 1351                                $this->ctrl->getLinkTargetByClass(
'ilRepositorySearchGUI',
'start')
 
 1357                        $this->lng->txt(
'role_mailto'),
 
 1358                        $this->ctrl->getLinkTarget($this,
'mailToRole')
 
 1360                $this->tpl->setVariable(
'BUTTONS_UA',$tb->getHTML());
 
 1363                include_once 
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
 
 1364                $role_assignment_editable = 
true;
 
 1366                                $this->object->getId() == SYSTEM_ROLE_ID &&
 
 1369                        $role_assignment_editable = 
false;
 
 1372                include_once 
'./Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
 
 1375                $this->tpl->setVariable(
'TABLE_UA',$ut->getHTML());
 
 1388                if (
$_GET[
"new_type"] != 
"role")
 
 1390                        $this->ctrl->redirect($this, 
"userassignment");
 
 1394                        $this->ctrl->redirectByClass(
"ilobjrolefoldergui",
"view");
 
 1401                global $rbacsystem,$rbacreview;
 
 1405                if (!is_array(
$_POST[
"role"]))
 
 1408                        $this->searchObject();
 
 1413                $this->tpl->addBlockFile(
"ADM_CONTENT", 
"adm_content", 
"tpl.role_usr_selection.html", 
"Services/AccessControl");
 
 1414                $this->
__showButton(
"searchUserForm",$this->lng->txt(
"role_new_search"));
 
 1419                foreach (
$_POST[
"role"] as $role_id)
 
 1421                        $members = array_merge($rbacreview->assignedUsers($role_id),$members);
 
 1424                $members = array_unique($members);
 
 1428                $f_result = array();
 
 1430                foreach($members as $user)
 
 1437                        $user_ids[$counter] = $user;
 
 1441                        $f_result[$counter][] = $tmp_obj->getLogin();
 
 1442                        $f_result[$counter][] = $tmp_obj->getFirstname();
 
 1443                        $f_result[$counter][] = $tmp_obj->getLastname();
 
 1449                $this->__showSearchUserTable($f_result,$user_ids,
"listUsersRole");
 
 1460                foreach ($a_path_arr as 
$data)
 
 1470                if (strlen(
$path) > 50)
 
 1472                        return '...'.substr(
$path,-50);
 
 1481                $this->tpl->addBlockFile(
"CONTENT", 
"content", 
"tpl.adm_content.html");
 
 1482                $this->tpl->addBlockFile(
"STATUSLINE", 
"statusline", 
"tpl.statusline.html");
 
 1502                $this->tpl->setTitle($this->lng->txt(
'role'));
 
 1503                $this->tpl->setDescription($this->object->getTitle());
 
 1506                $this->
getTabs($this->tabs_gui);
 
 1515                $this->tpl->addBlockFile(
"LOCATOR", 
"locator", 
"tpl.locator.html", 
"Services/Locator");
 
 1519                foreach (
$tree->getPathFull($this->obj_ref_id) as $key => 
$row)
 
 1523                                $this->tpl->touchBlock(
'locator_separator_prefix');
 
 1526                        $this->tpl->setCurrentBlock(
"locator_item");
 
 1528                        if (
$row[
"type"] == 
'rolf')
 
 1530                                $this->tpl->setVariable(
"ITEM",$this->object->getTitle());
 
 1531                                $this->tpl->setVariable(
"LINK_ITEM",$this->ctrl->getLinkTarget($this));
 
 1533                        elseif (
$row[
"child"] != 
$tree->getRootId())
 
 1535                                $ilCtrl->setParameterByClass(
"ilrepositorygui", 
"ref_id", 
$row[
"child"]);
 
 1536                                $this->tpl->setVariable(
"ITEM", 
$row[
"title"]);
 
 1537                                $this->tpl->setVariable(
"LINK_ITEM",
 
 1538                                        $ilCtrl->getLinkTargetByClass(
"ilrepositorygui", 
""));
 
 1542                                $ilCtrl->setParameterByClass(
"ilrepositorygui", 
"ref_id", 
$row[
"child"]);
 
 1543                                $this->tpl->setVariable(
"ITEM", $this->lng->txt(
"repository"));
 
 1544                                $this->tpl->setVariable(
"LINK_ITEM",
 
 1545                                        $ilCtrl->getLinkTargetByClass(
"ilrepositorygui", 
""));
 
 1547                        $ilCtrl->setParameterByClass(
"ilrepositorygui", 
"ref_id", 
$_GET[
"ref_id"]);
 
 1549                        $this->tpl->parseCurrentBlock();
 
 1552                $this->tpl->setVariable(
"TXT_LOCATOR",$this->lng->txt(
"locator"));
 
 1553                $this->tpl->parseCurrentBlock();
 
 1564                if (
$_GET[
"admin_mode"] == 
"settings" 
 1565                        && 
$_GET[
"ref_id"] == ROLE_FOLDER_ID)   
 
 1567                        parent::addAdminLocatorItems(
true);
 
 1569                        $ilLocator->addItem($this->lng->txt(
"obj_".ilObject::_lookupType(
 
 1571                                $this->ctrl->getLinkTargetByClass(
"ilobjrolefoldergui", 
"view"));
 
 1573                        if (
$_GET[
"obj_id"] > 0)
 
 1575                                $ilLocator->addItem($this->object->getTitle(),
 
 1576                                        $this->ctrl->getLinkTarget($this, 
"view"));
 
 1590                global $rbacsystem,$rbacreview, $ilHelp;
 
 1592                $base_role_container = $rbacreview->getFoldersAssignedToRole($this->object->getId(),
true);
 
 1595                $activate_role_edit = 
false;
 
 1599                if (in_array($this->obj_ref_id,$base_role_container) ||
 
 1600                        (strtolower(
$_GET[
"baseClass"]) == 
"iladministrationgui" &&
 
 1601                        $_GET[
"admin_mode"] == 
"settings"))
 
 1603                        $activate_role_edit = 
true;
 
 1607                $tabs_gui->clearTargets();
 
 1609                $ilHelp->setScreenIdComponent(
"role");
 
 1611                if ($this->back_target != 
"")
 
 1613                        $tabs_gui->setBackTarget(
 
 1614                                $this->back_target[
"text"],$this->back_target[
"link"]);
 
 1617                if($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit)
 
 1619                        $tabs_gui->addTarget(
"edit_properties",
 
 1620                                $this->ctrl->getLinkTarget($this, 
"edit"), array(
"edit",
"update"), get_class($this));
 
 1636                        $tabs_gui->addTarget(
 
 1637                                "default_perm_settings",
 
 1638                                $this->ctrl->getLinkTarget($this, 
"perm"), array(),get_class($this)
 
 1642                if($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
 
 1644                        $tabs_gui->addTarget(
"user_assignment",
 
 1645                                $this->ctrl->getLinkTarget($this, 
"userassignment"),
 
 1646                                array(
"deassignUser", 
"userassignment", 
"assignUser", 
"searchUserForm", 
"search"),
 
 1650                if($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit  && $this->object->getId() != ANONYMOUS_ROLE_ID)
 
 1652                        $tabs_gui->addTarget(
"desktop_items",
 
 1653                                $this->ctrl->getLinkTarget($this, 
"listDesktopItems"),
 
 1654                                array(
"listDesktopItems", 
"deleteDesktopItems", 
"selectDesktopItem", 
"askDeleteDesktopItem"),
 
 1659                        $tabs_gui->addTarget(
 
 1661                                        $this->ctrl->getLinkTargetByClass(
'ilExportGUI'),
 
 1673                if(count($obj_ids) > 1)
 
 1675                        $_SESSION[
'mail_roles'][] = 
'#il_role_'.$this->object->getId();
 
 1679                        $_SESSION[
'mail_roles'][] = $rbacreview->getRoleMailboxAddress($this->object->getId());
 
 1682        require_once 
'Services/Mail/classes/class.ilMailFormCall.php';
 
 1689                global $rbacsystem,$ilAccess;
 
 1691                $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
 
 1693                if($this->obj_ref_id == ROLE_FOLDER_ID)
 
 1695                        return $rbacsystem->checkAccess($a_perm_global,$this->obj_ref_id);
 
 1699                        return $ilAccess->checkAccess($a_perm_obj,
'',$this->obj_ref_id);
 
 1711                if(!(
int) 
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list']))
 
 1717                if($rbacreview->isProtected($this->obj_ref_id, $this->object->getId()))
 
 1721                        return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
 
 1727                        return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
 
 1737                $protected = 
$_POST[
'protected'];
 
 1739                include_once 
'./Services/Form/classes/class.ilPropertyFormGUI.php';
 
 1741                $form->setFormAction($this->ctrl->getFormAction($this,
'changeExistingObjects'));
 
 1742                $form->setTitle($this->lng->txt(
'rbac_change_existing_confirm_tbl'));
 
 1744                $form->addCommandButton(
'changeExistingObjects', $this->lng->txt(
'change_existing_objects'));
 
 1745                $form->addCommandButton(
'perm',$this->lng->txt(
'cancel'));
 
 1750                                serialize(array(
'all')) :
 
 1751                                serialize(
$_POST[
'recursive_list'])
 
 1753                $form->addItem($hidden);
 
 1761                                $this->lng->txt(
'rbac_keep_local_policies'),
 
 1763                                $this->lng->txt(
'rbac_keep_local_policies_info')
 
 1770                                $this->lng->txt(
'rbac_keep_local_policies'),
 
 1772                                $this->lng->txt(
'rbac_unprotected_keep_local_policies_info')
 
 1776                $rad->addOption($keep);
 
 1781                                $this->lng->txt(
'rbac_delete_local_policies'),
 
 1783                                $this->lng->txt(
'rbac_delete_local_policies_info')
 
 1789                                $this->lng->txt(
'rbac_delete_local_policies'),
 
 1791                                $this->lng->txt(
'rbac_unprotected_delete_local_policies_info')
 
 1794                $rad->addOption($del);
 
 1796                $form->addItem($rad);
 
 1797                $this->tpl->setContent($form->getHTML());
 
 1806                global 
$tree,$rbacreview,$rbacadmin;
 
 1808                $mode = (int) 
$_POST[
'mode'];
 
 1809                $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : 
$this->obj_ref_id);
 
 1814                $this->ctrl->redirect($this,
'perm');
 
 1828                        case 'default_perm_settings':
 
 1829                                if($this->obj_ref_id != ROLE_FOLDER_ID)
 
 1833                                $ilTabs->addSubTabTarget(
 
 1834                                        'rbac_repository_permissions',
 
 1835                                        $this->ctrl->getLinkTarget($this,
'perm')
 
 1837                                $ilTabs->addSubTabTarget(
 
 1838                                        'rbac_admin_permissions',
 
 1839                                        $this->ctrl->getLinkTarget($this,
'adminPerm')
 
const USER_FOLDER_ID
Class ilObjUserFolder.
Accordion user interface class.
TableGUI class for role administration.
Confirmation screen class.
static _isActive()
Static getter.
static _isPersonalWorkspaceActive()
Static getter.
Export User Interface Class.
static newInstance($a_export_id)
Create new instance.
static allocateExportId()
Allocate a new export id.
This class represents a non editable value in a property form.
editObject()
Edit role properties.
performDeleteRoleObject()
Delete role.
saveObject()
Save new role.
updateObject()
Save role settings.
__formatPath($a_path_arr)
initFormRoleProperties($a_mode)
Create role prperty form.
userassignmentObject()
display user assignment panel
showChangeExistingObjectsConfirmation()
Show confirmation screen.
__construct($a_data, $a_id, $a_call_by_reference=false, $a_prepare_output=true)
Constructor @access public.
setBackTarget($a_text, $a_link)
set back tab target
readRoleProperties(ilObjRole $role)
Read role properties and write them to form.
deassignUserObject()
de-assign users from role
permObject($a_show_admin_permissions=false)
Show template permissions.
loadRoleProperties(ilObjRole $role)
Store form input in role object.
assignSaveObject()
wrapper for renamed function
permSaveObject($a_show_admin_permissions=false)
save permissions
& executeCommand()
execute command
getParentType()
get type of current object (not role folder)
getContainerType()
Get type of role container.
getTabs(&$tabs_gui)
get tabs abstract method.
deleteDesktopItemsObject()
addUserObject($a_user_ids)
Assign user (callback from ilRepositorySearchGUI)
checkAccess($a_perm_global, $a_perm_obj='')
cancelObject()
cancelObject is called when an operation is canceled, method links back @access public
showDefaultPermissionSettings()
check if default permissions are shown or not
adminPermObject()
Show administration permissions.
assignDesktopItemObject()
adminPermSaveObject()
Save admin permissions.
addAdminLocatorItems()
should be overwritten to add object specific items (repository items are preloaded)
checkDuplicate($a_role_id=0)
Check if role with same name already exists in this folder.
confirmDeleteRoleObject()
Show delete confirmation screen.
createObject()
Only called from administration -> role folder ? Otherwise this check access is wrong.
getParentRefId()
Get ref id of current object (not role folder id)
isChangeExistingObjectsConfirmationRequired()
Check if a confirmation about further settings is required or not.
adoptPermSaveObject()
copy permissions from role
selectDesktopItemObject()
getParentObjId()
Get obj_id of current object.
setSubTabs($a_tab)
Set sub tabs.
getAdminTabs(&$tabs_gui)
admin and normal tabs are equal for roles
changeExistingObjectsObject()
Change existing objects.
askDeleteDesktopItemObject()
setAllowRegister($a_allow_register)
set allow_register of role
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
getPersonalWorkspaceDiskQuota()
getAllowRegister()
get allow_register
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
static isAutoGenerated($a_role_id)
toggleAssignUsersStatus($a_assign_users)
setDiskQuota($a_disk_quota)
_getTranslation($a_role_title)
setPersonalWorkspaceDiskQuota($a_disk_quota)
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Class ilObjectGUI Basic methods of all Output classes.
__showButton($a_cmd, $a_text, $a_target='')
ilObjectGUI($a_data, $a_id=0, $a_call_by_reference=true, $a_prepare_output=true)
Constructor @access public.
prepareOutput()
prepare output
Table for object role permissions.
Table for object role permissions.
static _lookupObjId($a_id)
setTitle($a_title)
set object title
setDescription($a_desc)
set object description
getDescription()
get object description
getId()
get object id @access public
static _lookupType($a_id, $a_reference=false)
lookup object type
static _getIdsForTitle($title, $type='', $partialmatch=false)
getTitle()
get object title @access public
static lookupTxt($a_mod_prefix, $a_pl_id, $a_lang_var)
Lookup language text.
This class represents an option in a radio group.
static diffTemplate(array $a_old, array $a_new)
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
static gatherTemplate($a_role_ref_id, $a_role_id)
static fillAutoCompleteToolbar($parent_object, ilToolbarGUI $toolbar=null, $a_options=array())
fill toolbar with
Copyright (c) 1998-2015 ILIAS open source, Extended GPL, see docs/LICENSE Date: 07....
static _getInstance()
Get instance of ilSecuritySettings.
This class represents a text area property in a property form.
This class represents a text property in a property form.
static formCheckbox($checked, $varname, $value, $disabled=false)
??? @access public
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
static sendQuestion($a_info="", $a_keep=false)
Send Question to Screen.
static tf2yn($a_tf)
convert true/false to "y"/"n"
static sortArray($array, $a_array_sortby, $a_array_sortorder=0, $a_numeric=false, $a_keep_keys=false)
sortArray
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
static redirect($a_script)
http redirect to other script
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static switchColor($a_num, $a_css1, $a_css2)
switches style sheets for each even $a_num (used for changing colors of different result rows)
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
static infoPanel($a_keep=true)
redirection script todo: (a better solution should control the processing via a xml file)
if($_REQUEST['ilias_path']) define('ILIAS_HTTP_PATH' $_REQUEST['ilias_path']
if(!is_array($argv)) $options