ILIAS  release_5-0 Revision 5.0.0-1144-gc4397b1f870
class.ilObjRoleGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4include_once "./Services/Object/classes/class.ilObjectGUI.php";
5include_once './Services/AccessControl/classes/class.ilObjRole.php';
6
20{
25
31 var $type;
32
33
34 protected $obj_ref_id = 0;
35 protected $obj_obj_id = 0;
36 protected $obj_obj_type = '';
37 protected $container_type = '';
38
39
40 var $ctrl;
41
46 function __construct($a_data,$a_id,$a_call_by_reference = false,$a_prepare_output = true)
47 {
48 global $tree,$lng;
49
50 $lng->loadLanguageModule('rbac');
51
52 //TODO: move this to class.ilias.php
53 define("USER_FOLDER_ID",7);
54
55 // Add ref_id of object that contains this role folder
56
57 $this->obj_ref_id =
58 ((int) $_REQUEST['rolf_ref_id'] ?
59 (int) $_REQUEST['rolf_ref_id'] :
60 (int) $_REQUEST['ref_id']
61 );
62
63 $this->obj_obj_id = ilObject::_lookupObjId($this->getParentRefId());
64 $this->obj_obj_type = ilObject::_lookupType($this->getParentObjId());
65
66 $this->container_type = ilObject::_lookupType(ilObject::_lookupObjId($this->obj_ref_id));
67
68 $this->type = "role";
69 $this->ilObjectGUI($a_data,$a_id,$a_call_by_reference,false);
70 $this->ctrl->saveParameter($this, array('obj_id', 'rolf_ref_id'));
71 }
72
73
74 function &executeCommand()
75 {
76 global $rbacsystem;
77
78 $this->prepareOutput();
79
80 $next_class = $this->ctrl->getNextClass($this);
81 $cmd = $this->ctrl->getCmd();
82
83 switch($next_class)
84 {
85 case 'ilrepositorysearchgui':
86
87 if(!$GLOBALS['ilAccess']->checkAccess('edit_permission','', $this->obj_ref_id))
88 {
89 $GLOBALS['ilErr']->raiseError($GLOBALS['lng']->txt('permission_denied'), $GLOBALS['ilErr']->WARNING);
90 }
91 include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
92 $rep_search =& new ilRepositorySearchGUI();
93 $rep_search->setTitle($this->lng->txt('role_add_user'));
94 $rep_search->setCallback($this,'addUserObject');
95
96 // Set tabs
97 $this->tabs_gui->setTabActive('user_assignment');
98 $this->ctrl->setReturn($this,'userassignment');
99 $ret =& $this->ctrl->forwardCommand($rep_search);
100 break;
101
102 case 'ilexportgui':
103
104 $this->tabs_gui->setTabActive('export');
105
106 include_once './Services/Export/classes/class.ilExportOptions.php';
108 $eo->addOption(ilExportOptions::KEY_ROOT,0,$this->object->getId(),$this->obj_ref_id);
109
110 include_once './Services/Export/classes/class.ilExportGUI.php';
111 $exp = new ilExportGUI($this, new ilObjRole($this->object->getId()));
112 $exp->addFormat('xml');
113 $this->ctrl->forwardCommand($exp);
114 break;
115
116 default:
117 if(!$cmd)
118 {
120 {
121 $cmd = "perm";
122 }
123 else
124 {
125 $cmd = 'userassignment';
126 }
127 }
128 $cmd .= "Object";
129 $this->$cmd();
130
131 break;
132 }
133
134 return true;
135 }
136
141 public function getParentRefId()
142 {
143 return $this->obj_ref_id;
144 }
145
150 public function getParentObjId()
151 {
152 return $this->obj_obj_id;
153 }
154
159 public function getParentType()
160 {
161 return $this->obj_obj_type;
162 }
163
167 function setBackTarget($a_text, $a_link)
168 {
169 $this->back_target = array("text" => $a_text,
170 "link" => $a_link);
171 }
172
173 public function getBackTarget()
174 {
175 return $this->back_target ? $this->back_target : array();
176 }
177
181 function getAdminTabs(&$tabs_gui)
182 {
183 $this->getTabs($tabs_gui);
184 }
185
190 protected function getContainerType()
191 {
193 }
194
199 protected function showDefaultPermissionSettings()
200 {
201 global $objDefinition;
202
203 return $objDefinition->isContainer($this->getContainerType());
204 }
205
206
208 {
209 global $rbacsystem,$rbacreview,$tree;
210
211
212 if(!$rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id) &&
213 $this->obj_ref_id != ROLE_FOLDER_ID)
214 {
215 ilUtil::sendInfo($this->lng->txt('role_no_users_no_desk_items'));
216 return true;
217 }
218
219
220 include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
221 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
222
223 if($rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
224 {
225 $this->__showButton('selectDesktopItem',$this->lng->txt('role_desk_add'));
226 }
227 if(!count($items = $role_desk_item_obj->getAll()))
228 {
229 ilUtil::sendInfo($this->lng->txt('role_desk_none_created'));
230 return true;
231 }
232 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_list.html", "Services/AccessControl");
233 $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
234 $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.svg'));
235 $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
236 $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
237 $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
238 $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
239 $this->tpl->setVariable("IMG_ARROW",ilUtil::getImagePath('arrow_downright.svg'));
240
241 $counter = 0;
242
243 foreach($items as $role_item_id => $item)
244 {
245 $tmp_obj = ilObjectFactory::getInstanceByRefId($item['item_id']);
246
247 if(strlen($desc = $tmp_obj->getDescription()))
248 {
249 $this->tpl->setCurrentBlock("description");
250 $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
251 $this->tpl->parseCurrentBlock();
252 }
253 $this->tpl->setCurrentBlock("desk_row");
254 $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
255 $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
256 $this->tpl->setVariable("CHECK_DESK",ilUtil::formCheckBox(0,'del_desk_item[]',$role_item_id));
257 $this->tpl->setVariable("TXT_PATH",$this->lng->txt('path').':');
258 $this->tpl->setVariable("PATH",$this->__formatPath($tree->getPathFull($item['item_id'])));
259 $this->tpl->parseCurrentBlock();
260 }
261
262 return true;
263 }
264
266 {
267 global $rbacsystem;
268
269
270 if(!$this->checkAccess('edit_permission'))
271 {
272 $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
273 }
274 if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
275 {
276 $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
277 }
278 if(!count($_POST['del_desk_item']))
279 {
280 ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
281
282 $this->listDesktopItemsObject();
283
284 return true;
285 }
286 ilUtil::sendQuestion($this->lng->txt('role_sure_delete_desk_items'));
287
288 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_ask_delete_desktop_item.html", "Services/AccessControl");
289 $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
290 $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.svg'));
291 $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
292 $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
293 $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
294 $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
295 $this->tpl->setVariable("BTN_CANCEL",$this->lng->txt('cancel'));
296
297 include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
298
299 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
300
301 $counter = 0;
302
303 foreach($_POST['del_desk_item'] as $role_item_id)
304 {
305 $item_data = $role_desk_item_obj->getItem($role_item_id);
306 $tmp_obj =& ilObjectFactory::getInstanceByRefId($item_data['item_id']);
307
308 if(strlen($desc = $tmp_obj->getDescription()))
309 {
310 $this->tpl->setCurrentBlock("description");
311 $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
312 $this->tpl->parseCurrentBlock();
313 }
314 $this->tpl->setCurrentBlock("desk_row");
315 $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
316 $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
317 $this->tpl->parseCurrentBlock();
318 }
319
320 $_SESSION['role_del_desk_items'] = $_POST['del_desk_item'];
321
322 return true;
323 }
324
326 {
327 global $rbacsystem;
328
329 if(!$this->checkAccess('edit_permission'))
330 {
331 $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
332 }
333
334 if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
335 {
336 $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
337 }
338
339 if (!count($_SESSION['role_del_desk_items']))
340 {
341 ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
342
343 $this->listDesktopItemsObject();
344
345 return true;
346 }
347
348 include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
349
350 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
351
352 foreach ($_SESSION['role_del_desk_items'] as $role_item_id)
353 {
354 $role_desk_item_obj->delete($role_item_id);
355 }
356
357 ilUtil::sendSuccess($this->lng->txt('role_deleted_desktop_items'));
358 $this->listDesktopItemsObject();
359
360 return true;
361 }
362
363
365 {
366 global $rbacsystem,$tree;
367
368 include_once 'Services/AccessControl/classes/class.ilRoleDesktopItemSelector.php';
369 include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
370
371 if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
372 {
373 #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
374 ilUtil::sendFailure($this->lng->txt('permission_denied'));
375 $this->listDesktopItemsObject();
376 return false;
377 }
378
379 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_selector.html", "Services/AccessControl");
380 $this->__showButton('listDesktopItems',$this->lng->txt('back'));
381
382 ilUtil::sendInfo($this->lng->txt("role_select_desktop_item"));
383
384 $exp = new ilRoleDesktopItemSelector($this->ctrl->getLinkTarget($this,'selectDesktopItem'),
385 new ilRoleDesktopItem($this->object->getId()));
386 $exp->setExpand($_GET["role_desk_item_link_expand"] ? $_GET["role_desk_item_link_expand"] : $tree->readRootId());
387 $exp->setExpandTarget($this->ctrl->getLinkTarget($this,'selectDesktopItem'));
388
389 $exp->setOutput(0);
390
391 $output = $exp->getOutput();
392 $this->tpl->setVariable("EXPLORER",$output);
393 //$this->tpl->setVariable("EXPLORER", $exp->getOutput());
394
395 return true;
396 }
397
399 {
400 global $rbacsystem;
401
402 if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
403 {
404 $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
405 return false;
406 }
407
408
409 if (!isset($_GET['item_id']))
410 {
411 ilUtil::sendFailure($this->lng->txt('role_no_item_selected'));
413
414 return false;
415 }
416
417 include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
418
419 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
420 $role_desk_item_obj->add((int) $_GET['item_id'],ilObject::_lookupType((int) $_GET['item_id'],true));
421
422 ilUtil::sendSuccess($this->lng->txt('role_assigned_desktop_item'));
423
424 $this->ctrl->redirect($this,'listDesktopItems');
425 return true;
426 }
427
433 protected function initFormRoleProperties($a_mode)
434 {
435 include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
436 $this->form = new ilPropertyFormGUI();
437
438 if($this->creation_mode)
439 {
440 $this->ctrl->setParameter($this, "new_type", 'role');
441 }
442 $this->form->setFormAction($this->ctrl->getFormAction($this));
443
444 switch($a_mode)
445 {
447 $this->form->setTitle($this->lng->txt('role_new'));
448 $this->form->addCommandButton('save',$this->lng->txt('role_new'));
449 break;
450
452 $this->form->setTitle($this->lng->txt('role_edit'));
453 $this->form->addCommandButton('update', $this->lng->txt('save'));
454 break;
455
458 }
459 // Fix cancel
460 $this->form->addCommandButton('cancel', $this->lng->txt('cancel'));
461
462 $title = new ilTextInputGUI($this->lng->txt('title'),'title');
463 if(ilObjRole::isAutoGenerated($this->object->getId()))
464 {
465 $title->setDisabled(true);
466 }
467 else
468 {
469 //#17111 No validation for disabled fields
470 $title->setValidationRegexp('/^(?!il_).*$/');
471 $title->setValidationFailureMessage($this->lng->txt('msg_role_reserved_prefix'));
472 }
473
474 $title->setSize(40);
475 $title->setMaxLength(70);
476 $title->setRequired(true);
477 $this->form->addItem($title);
478
479 $desc = new ilTextAreaInputGUI($this->lng->txt('description'),'desc');
480 if(ilObjRole::isAutoGenerated($this->object->getId()))
481 {
482 $desc->setDisabled(true);
483 }
484 $desc->setCols(40);
485 $desc->setRows(3);
486 $this->form->addItem($desc);
487
488 if($a_mode != self::MODE_LOCAL_CREATE && $a_mode != self::MODE_GLOBAL_CREATE)
489 {
490 $ilias_id = new ilNonEditableValueGUI($this->lng->txt("ilias_id"), "ilias_id");
491 $this->form->addItem($ilias_id);
492 }
493
494 if($this->obj_ref_id == ROLE_FOLDER_ID)
495 {
496 $reg = new ilCheckboxInputGUI($this->lng->txt('allow_register'),'reg');
497 $reg->setValue(1);
498 #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info'));
499 $this->form->addItem($reg);
500
501 $la = new ilCheckboxInputGUI($this->lng->txt('allow_assign_users'),'la');
502 $la->setValue(1);
503 #$la->setInfo($this->lng->txt('rbac_local_admin_info'));
504 $this->form->addItem($la);
505 }
506
507 $pro = new ilCheckboxInputGUI($this->lng->txt('role_protect_permissions'),'pro');
508 $pro->setValue(1);
509 #$pro->setInfo($this->lng->txt('role_protext_permission_info'));
510 $this->form->addItem($pro);
511
512 include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
514 {
515 $quo = new ilNumberInputGUI($this->lng->txt('disk_quota'),'disk_quota');
516 $quo->setMinValue(0);
517 $quo->setSize(4);
518 $quo->setInfo($this->lng->txt('enter_in_mb_desc').'<br />'.$this->lng->txt('disk_quota_on_role_desc'));
519 $this->form->addItem($quo);
520 }
522 {
523 $this->lng->loadLanguageModule("file");
524 $wquo = new ilNumberInputGUI($this->lng->txt('personal_workspace_disk_quota'),'wsp_disk_quota');
525 $wquo->setMinValue(0);
526 $wquo->setSize(4);
527 $wquo->setInfo($this->lng->txt('enter_in_mb_desc').'<br />'.$this->lng->txt('disk_quota_on_role_desc'));
528 $this->form->addItem($wquo);
529 }
530
531 return true;
532 }
533
539 protected function loadRoleProperties(ilObjRole $role)
540 {
541 //Don't set if fields are disabled to prevent html manipulation.
542 if(!$this->form->getItemByPostVar('title')->getDisabled())
543 {
544 $role->setTitle($this->form->getInput('title'));
545
546 }
547 if(!$this->form->getItemByPostVar('desc')->getDisabled())
548 {
549 $role->setDescription($this->form->getInput('desc'));
550 }
551 $role->setAllowRegister($this->form->getInput('reg'));
552 $role->toggleAssignUsersStatus($this->form->getInput('la'));
553 $role->setDiskQuota($this->form->getInput('disk_quota') * pow(ilFormat::_getSizeMagnitude(),2));
554 $role->setPersonalWorkspaceDiskQuota($this->form->getInput('wsp_disk_quota') * pow(ilFormat::_getSizeMagnitude(),2));
555 return true;
556 }
557
563 protected function readRoleProperties(ilObjRole $role)
564 {
565 global $rbacreview;
566
567 include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
568
569 $data['title'] = $role->getTitle();
570 $data['desc'] = $role->getDescription();
571 $data['ilias_id'] = 'il_'.IL_INST_ID.'_'.ilObject::_lookupType($role->getId()).'_'.$role->getId();
572 $data['reg'] = $role->getAllowRegister();
573 $data['la'] = $role->getAssignUsersStatus();
575 {
576 $data['disk_quota'] = $role->getDiskQuota() / (pow(ilFormat::_getSizeMagnitude(),2));
577 }
579 {
580 $data['wsp_disk_quota'] = $role->getPersonalWorkspaceDiskQuota() / (pow(ilFormat::_getSizeMagnitude(),2));
581 }
582 $data['pro'] = $rbacreview->isProtected($this->obj_ref_id, $role->getId());
583
584 $this->form->setValuesByArray($data);
585 }
586
587
588
589
595 public function createObject()
596 {
597 global $rbacsystem;
598
599 if(!$rbacsystem->checkAccess('create_role',$this->obj_ref_id))
600 {
601 $ilErr->raiseError($this->lng->txt('permission_denied'),$ilErr->MESSAGE);
602 }
603
604 $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
605 $this->tpl->setContent($this->form->getHTML());
606 }
607
612 public function editObject()
613 {
614 global $rbacsystem, $rbacreview, $ilSetting,$ilErr,$ilToolbar;
615
616 if(!$this->checkAccess('write','edit_permission'))
617 {
618 $ilErr->raiseError($this->lng->txt("msg_no_perm_write"),$ilErr->MESSAGE);
619 }
620
621 // Show copy role button
622 if($this->object->getId() != SYSTEM_ROLE_ID)
623 {
624 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
625 if($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id))
626 {
627 $ilToolbar->addButton(
628 $this->lng->txt('rbac_delete_role'),
629 $this->ctrl->getLinkTarget($this,'confirmDeleteRole')
630 );
631 }
632 }
633
634 $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
635 $this->readRoleProperties($this->object);
636 $this->tpl->setContent($this->form->getHTML());
637 }
638
639
644 public function saveObject()
645 {
646 global $rbacadmin,$rbacreview;
647
648 $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
649 if($this->form->checkInput() and !$this->checkDuplicate())
650 {
651 include_once './Services/AccessControl/classes/class.ilObjRole.php';
652 $this->loadRoleProperties($this->role = new ilObjRole());
653 $this->role->create();
654 $rbacadmin->assignRoleToFolder($this->role->getId(), $this->obj_ref_id,'y');
655 $rbacadmin->setProtected(
656 $this->obj_ref_id,
657 $this->role->getId(),
658 $this->form->getInput('pro') ? 'y' : 'n'
659 );
660 ilUtil::sendSuccess($this->lng->txt("role_added"),true);
661 $this->ctrl->setParameter($this,'obj_id',$this->role->getId());
662 $this->ctrl->redirect($this,'perm');
663 }
664
665 ilUtil::sendFailure($this->lng->txt('err_check_input'));
666 $this->form->setValuesByPost();
667 $this->tpl->setContent($this->form->getHTML());
668 return false;
669 }
670
675 protected function checkDuplicate($a_role_id = 0)
676 {
677 // disabled due to mantis #0013742: Renaming global roles: ILIAS denies if title fits other role title partially
678 return FALSE;
679 }
680
685 public function updateObject()
686 {
687 global $rbacadmin;
688
689 $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
690 if($this->form->checkInput() and !$this->checkDuplicate($this->object->getId()))
691 {
692 include_once './Services/AccessControl/classes/class.ilObjRole.php';
693 $this->loadRoleProperties($this->object);
694 $this->object->update();
695 $rbacadmin->setProtected(
696 $this->obj_ref_id,
697 $this->object->getId(),
698 $this->form->getInput('pro') ? 'y' : 'n'
699 );
700 ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
701 $this->ctrl->redirect($this,'edit');
702 }
703
704 ilUtil::sendFailure($this->lng->txt('err_check_input'));
705 $this->form->setValuesByPost();
706 $this->tpl->setContent($this->form->getHTML());
707 return false;
708 }
709
714 protected function permObject($a_show_admin_permissions = false)
715 {
716 global $ilTabs, $ilErr, $ilToolbar, $objDefinition,$rbacreview;
717
718 $ilTabs->setTabActive('default_perm_settings');
719
720 $this->setSubTabs('default_perm_settings');
721
722 if($a_show_admin_permissions)
723 {
724 $ilTabs->setSubTabActive('rbac_admin_permissions');
725 }
726 else
727 {
728 $ilTabs->setSubTabActive('rbac_repository_permissions');
729 }
730
731 if(!$this->checkAccess('write','edit_permission'))
732 {
733 $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->MESSAGE);
734 return true;
735 }
736
737 // Show copy role button
738 if($this->object->getId() != SYSTEM_ROLE_ID)
739 {
740 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
741 $ilToolbar->addButton(
742 $this->lng->txt("adopt_perm_from_template"),
743 $this->ctrl->getLinkTarget($this,'adoptPerm')
744 );
745 if($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id))
746 {
747 $ilToolbar->addButton(
748 $this->lng->txt('rbac_delete_role'),
749 $this->ctrl->getLinkTarget($this,'confirmDeleteRole')
750 );
751 }
752 }
753
754 $this->tpl->addBlockFile(
755 'ADM_CONTENT',
756 'adm_content',
757 'tpl.rbac_template_permissions.html',
758 'Services/AccessControl'
759 );
760
761 $this->tpl->setVariable('PERM_ACTION',$this->ctrl->getFormAction($this));
762
763 include_once './Services/Accordion/classes/class.ilAccordionGUI.php';
764 $acc = new ilAccordionGUI();
765 $acc->setBehaviour(ilAccordionGUI::FORCE_ALL_OPEN);
766 $acc->setId('template_perm_'.$this->getParentRefId());
767
768 if($this->obj_ref_id == ROLE_FOLDER_ID)
769 {
770 if($a_show_admin_permissions)
771 {
772 $subs = $objDefinition->getSubObjectsRecursively('adm',true,true);
773 }
774 else
775 {
776 $subs = $objDefinition->getSubObjectsRecursively('root',true,$a_show_admin_permissions);
777 }
778 }
779 else
780 {
781 $subs = $objDefinition->getSubObjectsRecursively($this->getParentType(),true,$a_show_admin_permissions);
782 }
783
784 $sorted = array();
785 foreach($subs as $subtype => $def)
786 {
787 if($objDefinition->isPlugin($subtype))
788 {
789 $translation = ilPlugin::lookupTxt("rep_robj", $subtype,"obj_".$subtype);
790 }
791 elseif($objDefinition->isSystemObject($subtype))
792 {
793 $translation = $this->lng->txt("obj_".$subtype);
794 }
795 else
796 {
797 $translation = $this->lng->txt('objs_'.$subtype);
798 }
799
800 $sorted[$subtype] = $def;
801 $sorted[$subtype]['translation'] = $translation;
802 }
803
804
805 $sorted = ilUtil::sortArray($sorted, 'translation','asc',true,true);
806 foreach($sorted as $subtype => $def)
807 {
808 if($objDefinition->isPlugin($subtype))
809 {
810 $translation = ilPlugin::lookupTxt("rep_robj", $subtype,"obj_".$subtype);
811 }
812 elseif($objDefinition->isSystemObject($subtype))
813 {
814 $translation = $this->lng->txt("obj_".$subtype);
815 }
816 else
817 {
818 $translation = $this->lng->txt('objs_'.$subtype);
819 }
820
821 include_once 'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
823 $this,
824 'perm',
825 $this->getParentRefId(),
826 $this->object->getId(),
827 $subtype,
828 $a_show_admin_permissions
829 );
830 $tbl->parse();
831
832 $acc->addItem($translation, $tbl->getHTML());
833 }
834
835 $this->tpl->setVariable('ACCORDION',$acc->getHTML());
836
837 // Add options table
838 include_once './Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
840 $this,
841 'perm',
842 $this->obj_ref_id,
843 $this->object->getId(),
844 $a_show_admin_permissions
845 );
846 if($this->object->getId() != SYSTEM_ROLE_ID)
847 {
848 $options->addMultiCommand(
849 $a_show_admin_permissions ? 'adminPermSave' : 'permSave',
850 $this->lng->txt('save')
851 );
852 }
853
854 $options->parse();
855 $this->tpl->setVariable('OPTIONS_TABLE',$options->getHTML());
856 }
857
862 protected function adminPermObject()
863 {
864 return $this->permObject(true);
865 }
866
871 protected function adminPermSaveObject()
872 {
873 return $this->permSaveObject(true);
874 }
875
876 protected function adoptPermObject()
877 {
878 global $rbacreview;
879
880 $output = array();
881
882 $parent_role_ids = $rbacreview->getParentRoleIds($this->obj_ref_id,true);
883 $ids = array();
884 foreach($parent_role_ids as $id => $tmp)
885 {
886 $ids[] = $id;
887 }
888 // Sort ids
889 $sorted_ids = ilUtil::_sortIds($ids,'object_data','type,title','obj_id');
890 $key = 0;
891 foreach($sorted_ids as $id)
892 {
893 $par = $parent_role_ids[$id];
894 if ($par["obj_id"] != SYSTEM_ROLE_ID && $this->object->getId() != $par["obj_id"])
895 {
896 $output[$key]["role_id"] = $par["obj_id"];
897 $output[$key]["type"] = ($par["type"] == 'role' ? $this->lng->txt('obj_role') : $this->lng->txt('obj_rolt'));
898 $output[$key]["role_name"] = ilObjRole::_getTranslation($par["title"]);
899 $output[$key]["role_desc"] = $par["desc"];
900 $key++;
901 }
902 }
903
904
905 include_once('./Services/AccessControl/classes/class.ilRoleAdoptPermissionTableGUI.php');
906
907 $tbl = new ilRoleAdoptPermissionTableGUI($this, "adoptPerm");
908 $tbl->setTitle($this->lng->txt("adopt_perm_from_template"));
909 $tbl->setData($output);
910
911 $this->tpl->setContent($tbl->getHTML());
912 }
913
918 protected function confirmDeleteRoleObject()
919 {
920 global $ilErr,$rbacreview,$ilUser;
921
922 $access = $this->checkAccess('visible,write','edit_permission');
923 if (!$access)
924 {
925 $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->WARNING);
926 }
927
928 $question = $this->lng->txt('rbac_role_delete_qst');
929 if($rbacreview->isAssigned($ilUser->getId(), $this->object->getId()))
930 {
931 $question .= ('<br />'.$this->lng->txt('rbac_role_delete_self'));
932 }
933 ilUtil::sendQuestion($question);
934
935 include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
936
937 $confirm = new ilConfirmationGUI();
938 $confirm->setFormAction($this->ctrl->getFormAction($this));
939 $confirm->setHeaderText($question);
940 $confirm->setCancel($this->lng->txt('cancel'), 'perm');
941 $confirm->setConfirm($this->lng->txt('rbac_delete_role'), 'performDeleteRole');
942
943 $confirm->addItem(
944 'role',
945 $this->object->getId(),
946 $this->object->getTitle(),
947 ilUtil::getImagePath('icon_role.svg')
948 );
949
950 $this->tpl->setContent($confirm->getHTML());
951 return true;
952 }
953
954
959 protected function performDeleteRoleObject()
960 {
961 global $ilErr;
962
963 $access = $this->checkAccess('visible,write','edit_permission');
964 if (!$access)
965 {
966 $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->WARNING);
967 }
968
969 $this->object->setParent((int) $this->obj_ref_id);
970 $this->object->delete();
971 ilUtil::sendSuccess($this->lng->txt('msg_deleted_role'),true);
972
973 $this->ctrl->returnToParent($this);
974 }
975
981 function permSaveObject($a_show_admin_permissions = false)
982 {
983 global $rbacsystem, $rbacadmin, $rbacreview, $objDefinition, $tree;
984
985 // for role administration check write of global role folder
986 $access = $this->checkAccess('visible,write','edit_permission');
987
988 if (!$access)
989 {
990 $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
991 }
992
993 // rbac log
994 include_once "Services/AccessControl/classes/class.ilRbacLog.php";
995 $rbac_log_active = ilRbacLog::isActive();
996 if($rbac_log_active)
997 {
998 $rbac_log_old = ilRbacLog::gatherTemplate($this->obj_ref_id, $this->object->getId());
999 }
1000
1001 // delete all template entries of enabled types
1002 if($this->obj_ref_id == ROLE_FOLDER_ID)
1003 {
1004 if($a_show_admin_permissions)
1005 {
1006 $subs = $objDefinition->getSubObjectsRecursively('adm',true,true);
1007 }
1008 else
1009 {
1010 $subs = $objDefinition->getSubObjectsRecursively('root',true,false);
1011 }
1012 }
1013 else
1014 {
1015 $subs = $objDefinition->getSubObjectsRecursively($this->getParentType(),true,false);
1016 }
1017
1018 foreach($subs as $subtype => $def)
1019 {
1020 // Delete per object type
1021 $rbacadmin->deleteRolePermission($this->object->getId(),$this->obj_ref_id,$subtype);
1022 }
1023
1024 if (empty($_POST["template_perm"]))
1025 {
1026 $_POST["template_perm"] = array();
1027 }
1028
1029 foreach ($_POST["template_perm"] as $key => $ops_array)
1030 {
1031 // sets new template permissions
1032 $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->obj_ref_id);
1033 }
1034
1035 if($rbac_log_active)
1036 {
1037 $rbac_log_new = ilRbacLog::gatherTemplate($this->obj_ref_id, $this->object->getId());
1038 $rbac_log_diff = ilRbacLog::diffTemplate($rbac_log_old, $rbac_log_new);
1039 ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE, $this->obj_ref_id, $rbac_log_diff);
1040 }
1041
1042 // update object data entry (to update last modification date)
1043 $this->object->update();
1044
1045 // set protected flag
1046 if ($this->obj_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id))
1047 {
1048 $rbacadmin->setProtected($this->obj_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST['protected']));
1049 }
1050
1051 if($a_show_admin_permissions)
1052 {
1053 $_POST['recursive'] = true;
1054 }
1055
1056 // Redirect if Change existing objects is not chosen
1057 if(!$_POST['recursive'] and !is_array($_POST['recursive_list']))
1058 {
1059 ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
1060 if($a_show_admin_permissions)
1061 {
1062 $this->ctrl->redirect($this,'adminPerm');
1063 }
1064 else
1065 {
1066 $this->ctrl->redirect($this,'perm');
1067 }
1068 }
1069 // New implementation
1070 if($this->isChangeExistingObjectsConfirmationRequired() and !$a_show_admin_permissions)
1071 {
1073 return true;
1074 }
1075
1076 $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $this->obj_ref_id);
1077 if($a_show_admin_permissions)
1078 {
1079 $start = $tree->getParentId($this->obj_ref_id);
1080 }
1081
1082 if($_POST['protected'])
1083 {
1084 $this->object->changeExistingObjects(
1085 $start,
1087 array('all'),
1088 array()
1089 #$a_show_admin_permissions ? array('adm') : array()
1090 );
1091 }
1092 else
1093 {
1094 $this->object->changeExistingObjects(
1095 $start,
1097 array('all'),
1098 array()
1099 #$a_show_admin_permissions ? array('adm') : array()
1100 );
1101 }
1102 ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
1103
1104 if($a_show_admin_permissions)
1105 {
1106 $this->ctrl->redirect($this,'adminPerm');
1107 }
1108 else
1109 {
1110 $this->ctrl->redirect($this,'perm');
1111 }
1112 return true;
1113 }
1114
1115
1122 {
1123 global $rbacadmin, $rbacsystem, $rbacreview, $tree;
1124
1125 if(!$_POST['adopt'])
1126 {
1127 ilUtil::sendFailure($this->lng->txt('select_one'));
1128 $this->adoptPermObject();
1129 return false;
1130 }
1131
1132 $access = $this->checkAccess('visible,write','edit_permission');
1133 if (!$access)
1134 {
1135 $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
1136 }
1137
1138 if ($this->object->getId() == $_POST["adopt"])
1139 {
1140 ilUtil::sendFailure($this->lng->txt("msg_perm_adopted_from_itself"),true);
1141 }
1142 else
1143 {
1144 $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id);
1145 $parentRoles = $rbacreview->getParentRoleIds($this->obj_ref_id,true);
1146 $rbacadmin->copyRoleTemplatePermissions(
1147 $_POST["adopt"],
1148 $parentRoles[$_POST["adopt"]]["parent"],
1149 $this->obj_ref_id,
1150 $this->object->getId(),
1151 false);
1152
1153 // update object data entry (to update last modification date)
1154 $this->object->update();
1155
1156 // send info
1157 $obj_data =& $this->ilias->obj_factory->getInstanceByObjId($_POST["adopt"]);
1158 ilUtil::sendSuccess($this->lng->txt("msg_perm_adopted_from1")." '".$obj_data->getTitle()."'.<br/>".
1159 $this->lng->txt("msg_perm_adopted_from2"),true);
1160 }
1161
1162 $this->ctrl->redirect($this, "perm");
1163 }
1164
1171 {
1172 $this->assignUserObject();
1173 }
1174
1175
1176
1182 public function addUserObject($a_user_ids)
1183 {
1184 global $rbacreview,$rbacadmin;
1185
1186 if(!$this->checkAccess('edit_userassignment','edit_permission'))
1187 {
1188 ilUtil::sendFailure($this->lng->txt('msg_no_perm_assign_user_to_role'),true);
1189 return false;
1190 }
1191 if(!$rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id) &&
1192 $this->obj_ref_id != ROLE_FOLDER_ID)
1193 {
1194 ilUtil::sendFailure($this->lng->txt('err_role_not_assignable'),true);
1195 return false;
1196 }
1197 if(!$a_user_ids)
1198 {
1199 $GLOBALS['lng']->loadLanguageModule('search');
1200 ilUtil::sendFailure($this->lng->txt('search_err_user_not_exist'),true);
1201 return false;
1202 }
1203
1204 $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
1205
1206 // users to assign
1207 $assigned_users_new = array_diff($a_user_ids,array_intersect($a_user_ids,$assigned_users_all));
1208
1209 // selected users all already assigned. stop
1210 if (count($assigned_users_new) == 0)
1211 {
1212 ilUtil::sendInfo($this->lng->txt("rbac_msg_user_already_assigned"),true);
1213 $this->ctrl->redirect($this,'userassignment');
1214 }
1215
1216 // assign new users
1217 foreach ($assigned_users_new as $user)
1218 {
1219 $rbacadmin->assignUser($this->object->getId(),$user,false);
1220 }
1221
1222 // update object data entry (to update last modification date)
1223 $this->object->update();
1224
1225 ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"),true);
1226 $this->ctrl->redirect($this,'userassignment');
1227 }
1228
1235 {
1236 global $rbacsystem, $rbacadmin, $rbacreview;
1237
1238 if(!$this->checkAccess('edit_userassignment','edit_permission'))
1239 {
1240 $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1241 }
1242
1243 $selected_users = ($_POST["user_id"]) ? $_POST["user_id"] : array($_GET["user_id"]);
1244
1245 if ($selected_users[0]=== NULL)
1246 {
1247 $this->ilias->raiseError($this->lng->txt("no_checkbox"),$this->ilias->error_obj->MESSAGE);
1248 }
1249
1250 // prevent unassignment of system user from system role
1251 if ($this->object->getId() == SYSTEM_ROLE_ID)
1252 {
1253 if ($admin = array_search(SYSTEM_USER_ID,$selected_users) !== false)
1254 unset($selected_users[$admin]);
1255 }
1256
1257 // check for each user if the current role is his last global role before deassigning him
1258 $last_role = array();
1259 $global_roles = $rbacreview->getGlobalRoles();
1260
1261 foreach ($selected_users as $user)
1262 {
1263 $assigned_roles = $rbacreview->assignedRoles($user);
1264 $assigned_global_roles = array_intersect($assigned_roles,$global_roles);
1265
1266 if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(),$assigned_global_roles)))
1267 {
1268 $userObj = $this->ilias->obj_factory->getInstanceByObjId($user);
1269 $last_role[$user] = $userObj->getFullName();
1270 unset($userObj);
1271 }
1272 }
1273
1274
1275 // ... else perform deassignment
1276 foreach ($selected_users as $user)
1277 {
1278 if(!isset($last_role[$user]))
1279 {
1280 $rbacadmin->deassignUser($this->object->getId(), $user);
1281 }
1282 }
1283
1284 // update object data entry (to update last modification date)
1285 $this->object->update();
1286
1287 // raise error if last role was taken from a user...
1288 if(count($last_role))
1289 {
1290 $user_list = implode(", ",$last_role);
1291 ilUtil::sendFailure($this->lng->txt('msg_is_last_role').': '.$user_list.'<br />'.$this->lng->txt('msg_min_one_role'),true);
1292 }
1293 else
1294 {
1295 ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"), true);
1296 }
1297 $this->ctrl->redirect($this,'userassignment');
1298 }
1299
1300
1305 {
1306 global $rbacreview, $rbacsystem, $lng, $ilUser;
1307
1308 if(!$this->checkAccess('edit_userassignment','edit_permission'))
1309 {
1310 $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1311 }
1312
1313 $this->tabs_gui->setTabActive('user_assignment');
1314
1315 $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.rbac_ua.html','Services/AccessControl');
1316
1317 include_once './Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
1318 $tb = new ilToolbarGUI();
1319
1320 // protected admin role
1321 include_once './Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1322 if(
1323 $this->object->getId() != SYSTEM_ROLE_ID ||
1324 (
1325 !$rbacreview->isAssigned($ilUser->getId(),SYSTEM_ROLE_ID) or
1326 !ilSecuritySettings::_getInstance()->isAdminRoleProtected()
1327 )
1328 )
1329 {
1330
1331
1332 // add member
1333 include_once './Services/Search/classes/class.ilRepositorySearchGUI.php';
1335 $this,
1336 $tb,
1337 array(
1338 'auto_complete_name' => $lng->txt('user'),
1339 'submit_name' => $lng->txt('add')
1340 )
1341 );
1342
1343 /*
1344 // add button
1345 $tb->addFormButton($lng->txt("add"), "assignUser");
1346 */
1347 $tb->addSpacer();
1348
1349 $tb->addButton(
1350 $this->lng->txt('search_user'),
1351 $this->ctrl->getLinkTargetByClass('ilRepositorySearchGUI','start')
1352 );
1353 $tb->addSpacer();
1354 }
1355
1356 $tb->addButton(
1357 $this->lng->txt('role_mailto'),
1358 $this->ctrl->getLinkTarget($this,'mailToRole')
1359 );
1360 $this->tpl->setVariable('BUTTONS_UA',$tb->getHTML());
1361
1362
1363 include_once './Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1364 $role_assignment_editable = true;
1365 if(
1366 $this->object->getId() == SYSTEM_ROLE_ID &&
1367 !ilSecuritySettings::_getInstance()->checkAdminRoleAccessible($ilUser->getId()))
1368 {
1369 $role_assignment_editable = false;
1370 }
1371
1372 include_once './Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
1373 $ut = new ilAssignedUsersTableGUI($this,'userassignment',$this->object->getId(),$role_assignment_editable);
1374
1375 $this->tpl->setVariable('TABLE_UA',$ut->getHTML());
1376
1377 return true;
1378
1379 }
1380
1381
1386 function cancelObject()
1387 {
1388 if ($_GET["new_type"] != "role")
1389 {
1390 $this->ctrl->redirect($this, "userassignment");
1391 }
1392 else
1393 {
1394 $this->ctrl->redirectByClass("ilobjrolefoldergui","view");
1395 }
1396 }
1397
1398
1400 {
1401 global $rbacsystem,$rbacreview;
1402
1403 $_SESSION["role_role"] = $_POST["role"] = $_POST["role"] ? $_POST["role"] : $_SESSION["role_role"];
1404
1405 if (!is_array($_POST["role"]))
1406 {
1407 ilUtil::sendFailure($this->lng->txt("role_no_roles_selected"));
1408 $this->searchObject();
1409
1410 return false;
1411 }
1412
1413 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html", "Services/AccessControl");
1414 $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
1415
1416 // GET ALL MEMBERS
1417 $members = array();
1418
1419 foreach ($_POST["role"] as $role_id)
1420 {
1421 $members = array_merge($rbacreview->assignedUsers($role_id),$members);
1422 }
1423
1424 $members = array_unique($members);
1425
1426 // FORMAT USER DATA
1427 $counter = 0;
1428 $f_result = array();
1429
1430 foreach($members as $user)
1431 {
1432 if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
1433 {
1434 continue;
1435 }
1436
1437 $user_ids[$counter] = $user;
1438
1439 // TODO: exclude anonymous user
1440 $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
1441 $f_result[$counter][] = $tmp_obj->getLogin();
1442 $f_result[$counter][] = $tmp_obj->getFirstname();
1443 $f_result[$counter][] = $tmp_obj->getLastname();
1444
1445 unset($tmp_obj);
1446 ++$counter;
1447 }
1448
1449 $this->__showSearchUserTable($f_result,$user_ids,"listUsersRole");
1450
1451 return true;
1452 }
1453
1454
1455
1456 function __formatPath($a_path_arr)
1457 {
1458 $counter = 0;
1459
1460 foreach ($a_path_arr as $data)
1461 {
1462 if ($counter++)
1463 {
1464 $path .= " -> ";
1465 }
1466
1467 $path .= $data['title'];
1468 }
1469
1470 if (strlen($path) > 50)
1471 {
1472 return '...'.substr($path,-50);
1473 }
1474
1475 return $path;
1476 }
1477
1479 {
1480 // output objects
1481 $this->tpl->addBlockFile("CONTENT", "content", "tpl.adm_content.html");
1482 $this->tpl->addBlockFile("STATUSLINE", "statusline", "tpl.statusline.html");
1483
1484 // output locator
1485 //$this->__setLocator();
1486
1487 // output message
1488 if ($this->message)
1489 {
1490 ilUtil::sendInfo($this->message);
1491 }
1492
1493 // display infopanel if something happened
1495
1496 // set header
1497 $this->__setHeader();
1498 }
1499
1500 function __setHeader()
1501 {
1502 $this->tpl->setTitle($this->lng->txt('role'));
1503 $this->tpl->setDescription($this->object->getTitle());
1504 $this->tpl->setTitleIcon(ilUtil::getImagePath("icon_role.svg"));
1505
1506 $this->getTabs($this->tabs_gui);
1507 }
1508
1509 function __setLocator()
1510 {
1511 global $tree, $ilCtrl;
1512
1513 return;
1514
1515 $this->tpl->addBlockFile("LOCATOR", "locator", "tpl.locator.html", "Services/Locator");
1516
1517 $counter = 0;
1518
1519 foreach ($tree->getPathFull($this->obj_ref_id) as $key => $row)
1520 {
1521 if ($counter++)
1522 {
1523 $this->tpl->touchBlock('locator_separator_prefix');
1524 }
1525
1526 $this->tpl->setCurrentBlock("locator_item");
1527
1528 if ($row["type"] == 'rolf')
1529 {
1530 $this->tpl->setVariable("ITEM",$this->object->getTitle());
1531 $this->tpl->setVariable("LINK_ITEM",$this->ctrl->getLinkTarget($this));
1532 }
1533 elseif ($row["child"] != $tree->getRootId())
1534 {
1535 $ilCtrl->setParameterByClass("ilrepositorygui", "ref_id", $row["child"]);
1536 $this->tpl->setVariable("ITEM", $row["title"]);
1537 $this->tpl->setVariable("LINK_ITEM",
1538 $ilCtrl->getLinkTargetByClass("ilrepositorygui", ""));
1539 }
1540 else
1541 {
1542 $ilCtrl->setParameterByClass("ilrepositorygui", "ref_id", $row["child"]);
1543 $this->tpl->setVariable("ITEM", $this->lng->txt("repository"));
1544 $this->tpl->setVariable("LINK_ITEM",
1545 $ilCtrl->getLinkTargetByClass("ilrepositorygui", ""));
1546 }
1547 $ilCtrl->setParameterByClass("ilrepositorygui", "ref_id", $_GET["ref_id"]);
1548
1549 $this->tpl->parseCurrentBlock();
1550 }
1551
1552 $this->tpl->setVariable("TXT_LOCATOR",$this->lng->txt("locator"));
1553 $this->tpl->parseCurrentBlock();
1554 }
1555
1561 {
1562 global $ilLocator;
1563
1564 if ($_GET["admin_mode"] == "settings"
1565 && $_GET["ref_id"] == ROLE_FOLDER_ID) // system settings
1566 {
1567 parent::addAdminLocatorItems(true);
1568
1569 $ilLocator->addItem($this->lng->txt("obj_".ilObject::_lookupType(
1570 ilObject::_lookupObjId($_GET["ref_id"]))),
1571 $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
1572
1573 if ($_GET["obj_id"] > 0)
1574 {
1575 $ilLocator->addItem($this->object->getTitle(),
1576 $this->ctrl->getLinkTarget($this, "view"));
1577 }
1578 }
1579 else // repository administration
1580 {
1581 // ?
1582 }
1583 }
1584
1585
1586
1587
1588 function getTabs(&$tabs_gui)
1589 {
1590 global $rbacsystem,$rbacreview, $ilHelp;
1591
1592 $base_role_container = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
1593
1594
1595 $activate_role_edit = false;
1596
1597 // todo: activate the following (allow editing of local roles in
1598 // roles administration)
1599 if (in_array($this->obj_ref_id,$base_role_container) ||
1600 (strtolower($_GET["baseClass"]) == "iladministrationgui" &&
1601 $_GET["admin_mode"] == "settings"))
1602 {
1603 $activate_role_edit = true;
1604 }
1605
1606 // not so nice (workaround for using tabs in repository)
1607 $tabs_gui->clearTargets();
1608
1609 $ilHelp->setScreenIdComponent("role");
1610
1611 if ($this->back_target != "")
1612 {
1613 $tabs_gui->setBackTarget(
1614 $this->back_target["text"],$this->back_target["link"]);
1615 }
1616
1617 if($this->checkAccess('write','edit_permission') && $activate_role_edit)
1618 {
1619 $tabs_gui->addTarget("edit_properties",
1620 $this->ctrl->getLinkTarget($this, "edit"), array("edit","update"), get_class($this));
1621 }
1622/*
1623 if($this->checkAccess('write','edit_permission') and $this->showDefaultPermissionSettings())
1624 {
1625 $force_active = ($_GET["cmd"] == "perm" || $_GET["cmd"] == "")
1626 ? true
1627 : false;
1628 $tabs_gui->addTarget("default_perm_settings",
1629 $this->ctrl->getLinkTarget($this, "perm"), array("perm", "adoptPermSave", "permSave"),
1630 get_class($this),
1631 "", $force_active);
1632 }
1633*/
1634 if($this->checkAccess('write','edit_permission') and $this->showDefaultPermissionSettings())
1635 {
1636 $tabs_gui->addTarget(
1637 "default_perm_settings",
1638 $this->ctrl->getLinkTarget($this, "perm"), array(),get_class($this)
1639 );
1640 }
1641
1642 if($this->checkAccess('write','edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
1643 {
1644 $tabs_gui->addTarget("user_assignment",
1645 $this->ctrl->getLinkTarget($this, "userassignment"),
1646 array("deassignUser", "userassignment", "assignUser", "searchUserForm", "search"),
1647 get_class($this));
1648 }
1649
1650 if($this->checkAccess('write','edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
1651 {
1652 $tabs_gui->addTarget("desktop_items",
1653 $this->ctrl->getLinkTarget($this, "listDesktopItems"),
1654 array("listDesktopItems", "deleteDesktopItems", "selectDesktopItem", "askDeleteDesktopItem"),
1655 get_class($this));
1656 }
1657 if($this->checkAccess('write','edit_permission'))
1658 {
1659 $tabs_gui->addTarget(
1660 'export',
1661 $this->ctrl->getLinkTargetByClass('ilExportGUI'),
1662 array()
1663 );
1664
1665 }
1666 }
1667
1669 {
1670 global $rbacreview;
1671
1672 $obj_ids = ilObject::_getIdsForTitle($this->object->getTitle(), $this->object->getType());
1673 if(count($obj_ids) > 1)
1674 {
1675 $_SESSION['mail_roles'][] = '#il_role_'.$this->object->getId();
1676 }
1677 else
1678 {
1679 $_SESSION['mail_roles'][] = $rbacreview->getRoleMailboxAddress($this->object->getId());
1680 }
1681
1682 require_once 'Services/Mail/classes/class.ilMailFormCall.php';
1683 $script = ilMailFormCall::getRedirectTarget($this, 'userassignment', array(), array('type' => 'role'));
1684 ilUtil::redirect($script);
1685 }
1686
1687 function checkAccess($a_perm_global,$a_perm_obj = '')
1688 {
1689 global $rbacsystem,$ilAccess;
1690
1691 $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
1692
1693 if($this->obj_ref_id == ROLE_FOLDER_ID)
1694 {
1695 return $rbacsystem->checkAccess($a_perm_global,$this->obj_ref_id);
1696 }
1697 else
1698 {
1699 return $ilAccess->checkAccess($a_perm_obj,'',$this->obj_ref_id);
1700 }
1701 }
1702
1708 {
1709 global $rbacreview;
1710
1711 if(!(int) $_POST['recursive'] and !is_array($_POST['recursive_list']))
1712 {
1713 return false;
1714 }
1715
1716 // Role is protected
1717 if($rbacreview->isProtected($this->obj_ref_id, $this->object->getId()))
1718 {
1719 // TODO: check if recursive_list is enabled
1720 // and if yes: check if inheritance is broken for the relevant object types
1721 return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1722 }
1723 else
1724 {
1725 // TODO: check if recursive_list is enabled
1726 // and if yes: check if inheritance is broken for the relevant object types
1727 return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1728 }
1729 }
1730
1736 {
1737 $protected = $_POST['protected'];
1738
1739 include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
1740 $form = new ilPropertyFormGUI();
1741 $form->setFormAction($this->ctrl->getFormAction($this,'changeExistingObjects'));
1742 $form->setTitle($this->lng->txt('rbac_change_existing_confirm_tbl'));
1743
1744 $form->addCommandButton('changeExistingObjects', $this->lng->txt('change_existing_objects'));
1745 $form->addCommandButton('perm',$this->lng->txt('cancel'));
1746
1747 $hidden = new ilHiddenInputGUI('type_filter');
1748 $hidden->setValue(
1749 $_POST['recursive'] ?
1750 serialize(array('all')) :
1751 serialize($_POST['recursive_list'])
1752 );
1753 $form->addItem($hidden);
1754
1755 $rad = new ilRadioGroupInputGUI($this->lng->txt('rbac_local_policies'),'mode');
1756
1757 if($protected)
1758 {
1760 $keep = new ilRadioOption(
1761 $this->lng->txt('rbac_keep_local_policies'),
1763 $this->lng->txt('rbac_keep_local_policies_info')
1764 );
1765 }
1766 else
1767 {
1769 $keep = new ilRadioOption(
1770 $this->lng->txt('rbac_keep_local_policies'),
1772 $this->lng->txt('rbac_unprotected_keep_local_policies_info')
1773 );
1774
1775 }
1776 $rad->addOption($keep);
1777
1778 if($protected)
1779 {
1780 $del = new ilRadioOption(
1781 $this->lng->txt('rbac_delete_local_policies'),
1783 $this->lng->txt('rbac_delete_local_policies_info')
1784 );
1785 }
1786 else
1787 {
1788 $del = new ilRadioOption(
1789 $this->lng->txt('rbac_delete_local_policies'),
1791 $this->lng->txt('rbac_unprotected_delete_local_policies_info')
1792 );
1793 }
1794 $rad->addOption($del);
1795
1796 $form->addItem($rad);
1797 $this->tpl->setContent($form->getHTML());
1798 }
1799
1804 protected function changeExistingObjectsObject()
1805 {
1806 global $tree,$rbacreview,$rbacadmin;
1807
1808 $mode = (int) $_POST['mode'];
1809 $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $this->obj_ref_id);
1810
1811 $this->object->changeExistingObjects($start,$mode,unserialize(ilUtil::stripSlashes($_POST['type_filter'])));
1812
1813 ilUtil::sendSuccess($this->lng->txt('settings_saved'),true);
1814 $this->ctrl->redirect($this,'perm');
1815 }
1816
1822 protected function setSubTabs($a_tab)
1823 {
1824 global $ilTabs;
1825
1826 switch($a_tab)
1827 {
1828 case 'default_perm_settings':
1829 if($this->obj_ref_id != ROLE_FOLDER_ID)
1830 {
1831 return true;
1832 }
1833 $ilTabs->addSubTabTarget(
1834 'rbac_repository_permissions',
1835 $this->ctrl->getLinkTarget($this,'perm')
1836 );
1837 $ilTabs->addSubTabTarget(
1838 'rbac_admin_permissions',
1839 $this->ctrl->getLinkTarget($this,'adminPerm')
1840 );
1841 }
1842 return true;
1843 }
1844
1845
1846} // END class.ilObjRoleGUI
1847?>
$_GET["client_id"]
const USER_FOLDER_ID
Class ilObjUserFolder.
Accordion user interface class.
TableGUI class for role administration.
This class represents a checkbox property in a property form.
Confirmation screen class.
Export User Interface Class.
static newInstance($a_export_id)
Create new instance.
static allocateExportId()
Allocate a new export id.
static _getSizeMagnitude()
Returns the magnitude used for size units.
This class represents a hidden form property in a property form.
static getRedirectTarget($gui, $cmd, Array $gui_params=array(), Array $mail_params=array())
This class represents a non editable value in a property form.
This class represents a number property in a property form.
Class ilObjRoleGUI.
editObject()
Edit role properties.
performDeleteRoleObject()
Delete role.
saveObject()
Save new role.
updateObject()
Save role settings.
__formatPath($a_path_arr)
initFormRoleProperties($a_mode)
Create role prperty form.
userassignmentObject()
display user assignment panel
showChangeExistingObjectsConfirmation()
Show confirmation screen.
__construct($a_data, $a_id, $a_call_by_reference=false, $a_prepare_output=true)
Constructor @access public.
setBackTarget($a_text, $a_link)
set back tab target
readRoleProperties(ilObjRole $role)
Read role properties and write them to form.
deassignUserObject()
de-assign users from role
permObject($a_show_admin_permissions=false)
Show template permissions.
loadRoleProperties(ilObjRole $role)
Store form input in role object.
assignSaveObject()
wrapper for renamed function
permSaveObject($a_show_admin_permissions=false)
save permissions
& executeCommand()
execute command
getParentType()
get type of current object (not role folder)
getContainerType()
Get type of role container.
getTabs(&$tabs_gui)
get tabs abstract method.
addUserObject($a_user_ids)
Assign user (callback from ilRepositorySearchGUI)
checkAccess($a_perm_global, $a_perm_obj='')
cancelObject()
cancelObject is called when an operation is canceled, method links back @access public
showDefaultPermissionSettings()
check if default permissions are shown or not
adminPermObject()
Show administration permissions.
adminPermSaveObject()
Save admin permissions.
addAdminLocatorItems()
should be overwritten to add object specific items (repository items are preloaded)
checkDuplicate($a_role_id=0)
Check if role with same name already exists in this folder.
confirmDeleteRoleObject()
Show delete confirmation screen.
createObject()
Only called from administration -> role folder ? Otherwise this check access is wrong.
getParentRefId()
Get ref id of current object (not role folder id)
isChangeExistingObjectsConfirmationRequired()
Check if a confirmation about further settings is required or not.
adoptPermSaveObject()
copy permissions from role
getParentObjId()
Get obj_id of current object.
setSubTabs($a_tab)
Set sub tabs.
getAdminTabs(&$tabs_gui)
admin and normal tabs are equal for roles
changeExistingObjectsObject()
Change existing objects.
Class ilObjRole.
setAllowRegister($a_allow_register)
set allow_register of role
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
getPersonalWorkspaceDiskQuota()
getAllowRegister()
get allow_register
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
static isAutoGenerated($a_role_id)
toggleAssignUsersStatus($a_assign_users)
setDiskQuota($a_disk_quota)
_getTranslation($a_role_title)
setPersonalWorkspaceDiskQuota($a_disk_quota)
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Class ilObjectGUI Basic methods of all Output classes.
__showButton($a_cmd, $a_text, $a_target='')
ilObjectGUI($a_data, $a_id=0, $a_call_by_reference=true, $a_prepare_output=true)
Constructor @access public.
prepareOutput()
prepare output
static _lookupObjId($a_id)
setTitle($a_title)
set object title
setDescription($a_desc)
set object description
getDescription()
get object description
getId()
get object id @access public
static _lookupType($a_id, $a_reference=false)
lookup object type
static _getIdsForTitle($title, $type='', $partialmatch=false)
getTitle()
get object title @access public
static lookupTxt($a_mod_prefix, $a_pl_id, $a_lang_var)
Lookup language text.
This class represents a property form user interface.
This class represents a property in a property form.
This class represents an option in a radio group.
static diffTemplate(array $a_old, array $a_new)
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
static gatherTemplate($a_role_ref_id, $a_role_id)
const EDIT_TEMPLATE
static isActive()
static fillAutoCompleteToolbar($parent_object, ilToolbarGUI $toolbar=null, $a_options=array())
fill toolbar with
Copyright (c) 1998-2015 ILIAS open source, Extended GPL, see docs/LICENSE Date: 07....
static _getInstance()
Get instance of ilSecuritySettings.
This class represents a text area property in a property form.
This class represents a text property in a property form.
static formCheckbox($checked, $varname, $value, $disabled=false)
??? @access public
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
static sendQuestion($a_info="", $a_keep=false)
Send Question to Screen.
static tf2yn($a_tf)
convert true/false to "y"/"n"
static sortArray($array, $a_array_sortby, $a_array_sortorder=0, $a_numeric=false, $a_keep_keys=false)
sortArray
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
static redirect($a_script)
http redirect to other script
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static switchColor($a_num, $a_css1, $a_css2)
switches style sheets for each even $a_num (used for changing colors of different result rows)
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
static infoPanel($a_keep=true)
$_POST['username']
Definition: cron.php:12
$GLOBALS['ct_recipient']
< a tabindex="-1" style="border-style: none;" href="#" title="Refresh Image" onclick="document.getElementById('siimage').src = './securimage_show.php?sid=' + Math.random(); this.blur(); return false">< img src="./images/refresh.png" alt="Reload Image" height="32" width="32" onclick="this.blur()" align="bottom" border="0"/></a >< br/>< strong > Enter Code *if($_SERVER['REQUEST_METHOD']=='POST' &&@ $_POST['do']=='contact') $_SESSION['ctform']['success']
global $ilCtrl
Definition: ilias.php:18
redirection script todo: (a better solution should control the processing via a xml file)
global $ilSetting
Definition: privfeed.php:40
$cmd
Definition: sahs_server.php:35
$path
Definition: index.php:22
if($_REQUEST['ilias_path']) define('ILIAS_HTTP_PATH' $_REQUEST['ilias_path']
Definition: index.php:7
if(!is_array($argv)) $options
global $ilUser
Definition: imgupload.php:15