ILIAS  release_5-0 Revision 5.0.0-1144-gc4397b1f870
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions
ilObjRole Class Reference
Services/AccessControl

Class ilObjRole. More...

+ Inheritance diagram for ilObjRole:
+ Collaboration diagram for ilObjRole:

Public Member Functions

 ilObjRole ($a_id=0, $a_call_by_reference=false)
 Constructor @access public. More...
 
 validate ()
 Validate role data. More...
 
 getPresentationTitle ()
 return translated title for autogenerated roles More...
 
 toggleAssignUsersStatus ($a_assign_users)
 
 getAssignUsersStatus ()
 
 _getAssignUsersStatus ($a_role_id)
 
 read ()
 loads "role" from database @access private More...
 
 assignData ($a_data)
 loads a record "role" from array @access public More...
 
 update ()
 updates a record "role" and write it into database @access public More...
 
 create ()
 create More...
 
 setAllowRegister ($a_allow_register)
 set allow_register of role More...
 
 getAllowRegister ()
 get allow_register More...
 
 setDiskQuota ($a_disk_quota)
 
 getDiskQuota ()
 
 setPersonalWorkspaceDiskQuota ($a_disk_quota)
 
 getPersonalWorkspaceDiskQuota ()
 
 _lookupRegisterAllowed ()
 get all roles that are activated in user registration More...
 
 _lookupAllowRegister ($a_role_id)
 check whether role is allowed in user registration or not More...
 
 setParent ($a_parent_ref)
 set reference id of parent object this is neccessary for non RBAC protected objects!!! More...
 
 getParent ()
 get reference id of parent object More...
 
 delete ()
 delete role and all related data More...
 
 getCountMembers ()
 
 _getTranslation ($a_role_title)
 
 _updateAuthMode ($a_roles)
 
 _getAuthMode ($a_role_id)
 
 __getPermissionDefinitions ()
 
 changeExistingObjects ($a_start_node, $a_mode, $a_filter, $a_exclusion_filter=array())
 Change existing objects. More...
 
- Public Member Functions inherited from ilObject
 ilObject ($a_id=0, $a_reference=true)
 Constructor @access public. More...
 
 withReferences ()
 determines wehter objects are referenced or not (got ref ids or not) More...
 
 read ($a_force_db=false)
 read object data from db into object More...
 
 getId ()
 get object id @access public More...
 
 setId ($a_id)
 set object id @access public More...
 
 setRefId ($a_id)
 set reference id @access public More...
 
 getRefId ()
 get reference id @access public More...
 
 getType ()
 get object type @access public More...
 
 setType ($a_type)
 set object type @access public More...
 
 getPresentationTitle ()
 get presentation title Normally same as title Overwritten for sessions More...
 
 getTitle ()
 get object title @access public More...
 
 getUntranslatedTitle ()
 get untranslated object title @access public More...
 
 setTitle ($a_title)
 set object title More...
 
 getDescription ()
 get object description More...
 
 setDescription ($a_desc)
 set object description More...
 
 getLongDescription ()
 get object long description (stored in object_description) More...
 
 getImportId ()
 get import id More...
 
 setImportId ($a_import_id)
 set import id More...
 
 getOwner ()
 get object owner More...
 
 getOwnerName ()
 
 _lookupOwnerName ($a_owner_id)
 lookup owner name for owner id More...
 
 setOwner ($a_owner)
 set object owner More...
 
 getCreateDate ()
 get create date @access public More...
 
 getLastUpdateDate ()
 get last update date @access public More...
 
 getDiskUsage ()
 
 setObjDataRecord ($a_record)
 set object_data record (note: this method should only be called from the ilObjectFactory class) More...
 
 create ()
 create More...
 
 update ()
 update object in db More...
 
 MDUpdateListener ($a_element)
 Meta data update listener. More...
 
 createMetaData ()
 create meta data entry More...
 
 updateMetaData ()
 update meta data entry More...
 
 deleteMetaData ()
 delete meta data entry More...
 
 updateOwner ()
 update owner of object in db More...
 
 _getIdForImportId ($a_import_id)
 get current object id for import id (static) More...
 
 _lookupOwner ($a_id)
 lookup object owner More...
 
 _lookupLastUpdate ($a_id, $a_as_string=false)
 lookup last update More...
 
 _getLastUpdateOfObjects ($a_objs)
 Get last update for a set of media objects. More...
 
 _setDeletedDate ($a_ref_id)
 only called in ilTree::saveSubTree More...
 
 _resetDeletedDate ($a_ref_id)
 only called in ilObjectGUI::insertSavedNodes More...
 
 _lookupDeletedDate ($a_ref_id)
 only called in ilObjectGUI::insertSavedNodes More...
 
 _writeTitle ($a_obj_id, $a_title)
 write title to db (static) More...
 
 _writeDescription ($a_obj_id, $a_desc)
 write description to db (static) More...
 
 _writeImportId ($a_obj_id, $a_import_id)
 write import id to db (static) More...
 
 _isInTrash ($a_ref_id)
 checks wether object is in trash More...
 
 _hasUntrashedReference ($a_obj_id)
 checks wether an object has at least one reference that is not in trash More...
 
 _getObjectsDataForType ($a_type, $a_omit_trash=false)
 get all objects of a certain type More...
 
 putInTree ($a_parent_ref)
 maybe this method should be in tree object!? More...
 
 setPermissions ($a_parent_ref)
 set permissions of object More...
 
 setParentRolePermissions ($a_parent_ref)
 Initialize the permissions of parent roles (local roles of categories, global roles...) This method is overwritten in e.g courses, groups for building permission intersections with non_member templates. More...
 
 createReference ()
 creates reference for object More...
 
 countReferences ()
 count references of object More...
 
 delete ()
 delete object or referenced object (in the case of a referenced object, object data is only deleted if last reference is deleted) This function removes an object entirely from system!! More...
 
 initDefaultRoles ()
 init default roles settings Purpose of this function is to create a local role folder and local roles, that are needed depending on the object type If you want to setup default local roles you MUST overwrite this method in derived object classes (see ilObjForum for an example) @access public More...
 
 applyDidacticTemplate ($a_tpl_id)
 Apply template. More...
 
 notify ($a_event, $a_ref_id, $a_parent_non_rbac_id, $a_node_id, $a_params=0)
 notifys an object about an event occured Based on the event passed, each object may decide how it reacts. More...
 
 setRegisterMode ($a_bool)
 
 isUserRegistered ($a_user_id=0)
 
 requireRegistration ()
 
 getXMLZip ()
 
 getHTMLDirectory ()
 
 cloneObject ($a_target_id, $a_copy_id=0, $a_omit_tree=false)
 Clone object permissions, put in tree ... More...
 
 appendCopyInfo ($a_target_id, $a_copy_id)
 Prepend Copy info if object with same name exists in that container. More...
 
 cloneDependencies ($a_target_id, $a_copy_id)
 Clone object dependencies. More...
 
 cloneMetaData ($target_obj)
 Copy meta data. More...
 
 _lookupCreationDate ($a_id)
 Lookup creation date. More...
 

Static Public Member Functions

static createDefaultRole ($a_title, $a_description, $a_tpl_name, $a_ref_id)
 
static _getRolesByAuthMode ($a_auth_mode)
 Get roles by auth mode. More...
 
static _resetAuthMode ($a_auth_mode)
 Reset auth mode to default. More...
 
static isAutoGenerated ($a_role_id)
 
- Static Public Member Functions inherited from ilObject
static _lookupObjIdByImportId ($a_import_id)
 
static _getAllReferences ($a_id)
 get all reference ids of object More...
 
static _lookupTitle ($a_id)
 lookup object title More...
 
static _getIdsForTitle ($title, $type='', $partialmatch=false)
 
static _lookupDescription ($a_id)
 lookup object description More...
 
static _lookupObjId ($a_id)
 
static setDeletedDates ($a_ref_ids)
 Set deleted date @global type $ilDB. More...
 
static _lookupType ($a_id, $a_reference=false)
 lookup object type More...
 
static _lookupObjectId ($a_ref_id)
 lookup object id More...
 
static _exists ($a_id, $a_reference=false, $a_type=null)
 checks if an object exists in object_data@access public More...
 
static _getObjectsByType ($a_obj_type="", $a_owner="")
 Get objects by type. More...
 
static _prepareCloneSelection ($a_ref_ids, $new_type, $show_path=true)
 Prepare copy wizard object selection. More...
 
static _getIcon ($a_obj_id="", $a_size="big", $a_type="", $a_offline=false)
 Get icon for repository item. More...
 
static collectDeletionDependencies (&$deps, $a_ref_id, $a_obj_id, $a_type, $a_depth=0)
 Collect deletion dependencies. More...
 
static getDeletionDependencies ($a_obj_id)
 Get deletion dependencies. More...
 
static getLongDescriptions (array $a_obj_ids)
 Get long description data. More...
 
static getAllOwnedRepositoryObjects ($a_user_id)
 Get all ids of objects user owns. More...
 
static hasAutoRating ($a_type, $a_ref_id)
 Check if auto rating is active for parent group/course. More...
 

Data Fields

const MODE_PROTECTED_DELETE_LOCAL_POLICIES = 1
 
const MODE_PROTECTED_KEEP_LOCAL_POLICIES = 2
 
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES = 3
 
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES = 4
 
 $parent
 
 $allow_register
 
 $assign_users
 
 $disk_quota
 The disk quota in bytes. More...
 
 $wsp_disk_quota
 
- Data Fields inherited from ilObject
const TITLE_LENGTH = 255
 max length of object title More...
 
const DESC_LENGTH = 128
 
 $ilias
 
 $lng
 
 $id
 
 $ref_id
 
 $type
 
 $title
 
 $untranslatedTitle
 
 $desc
 
 $long_desc
 
 $owner
 
 $create_date
 
 $last_update
 
 $import_id
 
 $register = false
 
 $referenced
 
 $objectList
 
 $max_title
 
 $max_desc
 
 $add_dots
 
 $obj_data_record
 object_data record More...
 

Protected Member Functions

 deleteLocalPolicies ($a_start, $a_policies, $a_filter)
 Delete local policies. More...
 
 adjustPermissions ($a_mode, $a_nodes, $a_policies, $a_filter, $a_exclusion_filter=array())
 Adjust permissions. More...
 
 isHandledObjectType ($a_filter, $a_exclusion_filter, $a_type)
 Check if type is filterer. More...
 
 updateOperationStack (&$a_stack, $a_node, $a_init=false)
 Update operation stack. More...
 
 updatePolicyStack (&$a_stack, $a_node)
 Update policy stack. More...
 
 createPermissionIntersection ($policy_stack, $a_current_ops, $a_id, $a_type)
 Create course group permission intersection. More...
 

Detailed Description

Class ilObjRole.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 15 of file class.ilObjRole.php.

Member Function Documentation

◆ __getPermissionDefinitions()

ilObjRole::__getPermissionDefinitions ( )

Definition at line 591 of file class.ilObjRole.php.

592 {
593 global $ilDB, $lng, $objDefinition,$rbacreview;
594
595 $operation_info = $rbacreview->getOperationAssignment();
596 foreach($operation_info as $info)
597 {
598 if($objDefinition->getDevMode($info['type']))
599 {
600 continue;
601 }
602 $rbac_objects[$info['typ_id']] = array("obj_id" => $info['typ_id'],
603 "type" => $info['type']);
604
605 // handle plugin permission texts
606 $txt = $objDefinition->isPlugin($info['type'])
607 ? ilPlugin::lookupTxt("rep_robj", $info['type'], $info['type']."_".$info['operation'])
608 : $lng->txt($info['type']."_".$info['operation']);
609 if (substr($info['operation'], 0, 7) == "create_" &&
610 $objDefinition->isPlugin(substr($info['operation'], 7)))
611 {
612 $txt = ilPlugin::lookupTxt("rep_robj", substr($info['operation'], 7), $info['type']."_".$info['operation']);
613 }
614 $rbac_operations[$info['typ_id']][$info['ops_id']] = array(
615 "ops_id" => $info['ops_id'],
616 "title" => $info['operation'],
617 "name" => $txt);
618
619 }
620 return array($rbac_objects,$rbac_operations);
621 }
ilPlugin\lookupTxt
static lookupTxt($a_mod_prefix, $a_pl_id, $a_lang_var)
Lookup language text.
Definition: class.ilPlugin.php:529
$txt
$txt
Definition: error.php:10
$ilDB
global $ilDB
Definition: storeScorm2004.php:19

References $ilDB, ilObject\$lng, $txt, and ilPlugin\lookupTxt().

+ Here is the call graph for this function:

◆ _getAssignUsersStatus()

ilObjRole::_getAssignUsersStatus (   $a_role_id)

Definition at line 141 of file class.ilObjRole.php.

142 {
143 global $ilDB;
144
145 $query = "SELECT assign_users FROM role_data WHERE role_id = ".$ilDB->quote($a_role_id,'integer')." ";
146 $res = $ilDB->query($query);
147 while($row = $ilDB->fetchObject($res))
148 {
149 return $row->assign_users ? true : false;
150 }
151 return false;
152 }

References $ilDB, $query, $res, and $row.

Referenced by ilRbacReview\getGlobalAssignableRoles(), ilObjUserFolderGUI\importUserRoleAssignmentObject(), ilSoapUserAdministration\importUsers(), ilObjUserFolderGUI\importUsersObject(), ilObjUserGUI\initCreate(), and ilSoapUserAdministration\isPermittedRole().

+ Here is the caller graph for this function:

◆ _getAuthMode()

ilObjRole::_getAuthMode (   $a_role_id)

Definition at line 539 of file class.ilObjRole.php.

540 {
541 global $ilDB;
542
543 $query = "SELECT auth_mode FROM role_data ".
544 "WHERE role_id= ".$ilDB->quote($a_role_id,'integer')." ";
545 $res = $ilDB->query($query);
546 $row = $ilDB->fetchAssoc($res);
547
548 return $row['auth_mode'];
549 }

References $ilDB, $query, $res, and $row.

◆ _getRolesByAuthMode()

static ilObjRole::_getRolesByAuthMode (   $a_auth_mode)
static

Get roles by auth mode.

@access public

Parameters
stringauth mode

Definition at line 558 of file class.ilObjRole.php.

559 {
560 global $ilDB;
561
562 $query = "SELECT * FROM role_data ".
563 "WHERE auth_mode = ".$ilDB->quote($a_auth_mode,'text');
564 $res = $ilDB->query($query);
565 $roles = array();
566 while($row = $ilDB->fetchObject($res))
567 {
568 $roles[] = $row->role_id;
569 }
570 return $roles;
571 }

References $ilDB, $query, $res, and $row.

Referenced by ilRadiusSettings\read().

+ Here is the caller graph for this function:

◆ _getTranslation()

ilObjRole::_getTranslation (   $a_role_title)

Definition at line 504 of file class.ilObjRole.php.

505 {
506 global $lng;
507
508 $test_str = explode('_',$a_role_title);
509
510 if ($test_str[0] == 'il')
511 {
512 $test2 = (int) $test_str[3];
513 if ($test2 > 0)
514 {
515 unset($test_str[3]);
516 }
517
518 return $lng->txt(implode('_',$test_str));
519 }
520
521 return $a_role_title;
522 }

References ilObject\$lng.

Referenced by ilCourseEditParticipantsTableGUI\__construct(), ilObjRoleGUI\adoptPermObject(), ilObjRoleFolderGUI\confirmDeleteObject(), ilObjectRolePermissionTableGUI\createTitle(), ilObjectPermissionStatusGUI\getAssignedValidRoles(), ilObjectPermissionStatusGUI\getAvailableRolesTableData(), ilObjCourse\getLocalCourseRoles(), ilObjGroup\getLocalGroupRoles(), ilObjCourseGUI\getLocalRoles(), ilObjiLincCourse\getLocalRoles(), ilObjGroupGUI\getLocalRoles(), ilObjiLincCourse\getMemberRolesTitle(), getPresentationTitle(), ilObjBlog\getRolesWithContribute(), ilPermissionGUI\initRoleForm(), ilObjCourseGUI\mailMembersObject(), ilObjGroupGUI\mailMembersObject(), ilObjiLincCourseGUI\mailMembersObject(), ilRoleSelectionTableGUI\parse(), ilRoleTableGUI\parse(), ilObjRoleTemplateGUI\permObject(), ilObjUserGUI\roleassignmentObject(), ilPermissionGUI\showConfirmBlockRole(), and ilSoapRoleObjectXMLWriter\start().

+ Here is the caller graph for this function:

◆ _lookupAllowRegister()

ilObjRole::_lookupAllowRegister (   $a_role_id)

check whether role is allowed in user registration or not

Parameters
int$a_role_idrole id
Returns
boolean true if role is allowed in user registration

Definition at line 359 of file class.ilObjRole.php.

360 {
361 global $ilDB;
362
363 $query = "SELECT * FROM role_data ".
364 " WHERE role_id =".$ilDB->quote($a_role_id,'integer');
365
366 $res = $ilDB->query($query);
367 if ($role_rec = $ilDB->fetchAssoc($res))
368 {
369 if ($role_rec["allow_register"])
370 {
371 return true;
372 }
373 }
374 return false;
375 }

References $ilDB, $query, and $res.

Referenced by ilRegistrationSettingsGUI\editRoles(), and ilAccountRegistrationGUI\saveForm().

+ Here is the caller graph for this function:

◆ _lookupRegisterAllowed()

ilObjRole::_lookupRegisterAllowed ( )

get all roles that are activated in user registration

@access public

Returns
array array of int: role ids

Definition at line 333 of file class.ilObjRole.php.

334 {
335 global $ilDB;
336
337 $query = "SELECT * FROM role_data ".
338 "JOIN object_data ON object_data.obj_id = role_data.role_id ".
339 "WHERE allow_register = 1";
340 $res = $ilDB->query($query);
341
342 $roles = array();
343 while($role = $ilDB->fetchAssoc($res))
344 {
345 $roles[] = array("id" => $role["obj_id"],
346 "title" => $role["title"],
347 "auth_mode" => $role['auth_mode']);
348 }
349
350 return $roles;
351 }

References $ilDB, $query, and $res.

Referenced by ilRegistrationSettingsGUI\__prepareAccessLimitationRoleList(), ilRegistrationSettingsGUI\__prepareRoleList(), ilShopUtils\_createRandomUserAccount(), ilUserProfile\addStandardFieldsToForm(), ilObjAuthSettingsGUI\authSettingsObject(), ilRegistrationSettingsGUI\editRoleAccessLimitations(), and ilRegistrationSettingsGUI\saveRoleAccessLimitations().

+ Here is the caller graph for this function:

◆ _resetAuthMode()

static ilObjRole::_resetAuthMode (   $a_auth_mode)
static

Reset auth mode to default.

@access public

Parameters
stringauth mode

Definition at line 581 of file class.ilObjRole.php.

582 {
583 global $ilDB;
584
585 $query = "UPDATE role_data SET auth_mode = 'default' WHERE auth_mode = ".$ilDB->quote($a_auth_mode,'text');
586 $res = $ilDB->manipulate($query);
587 }

References $ilDB, $query, and $res.

Referenced by ilRadiusSettings\save().

+ Here is the caller graph for this function:

◆ _updateAuthMode()

ilObjRole::_updateAuthMode (   $a_roles)

Definition at line 526 of file class.ilObjRole.php.

527 {
528 global $ilDB;
529
530 foreach ($a_roles as $role_id => $auth_mode)
531 {
532 $query = "UPDATE role_data SET ".
533 "auth_mode= ".$ilDB->quote($auth_mode,'text')." ".
534 "WHERE role_id= ".$ilDB->quote($role_id,'integer')." ";
535 $res = $ilDB->manipulate($query);
536 }
537 }

References $ilDB, $query, and $res.

Referenced by ilRadiusSettings\save(), and ilObjAuthSettingsGUI\updateAuthRolesObject().

+ Here is the caller graph for this function:

◆ adjustPermissions()

ilObjRole::adjustPermissions (   $a_mode,
  $a_nodes,
  $a_policies,
  $a_filter,
  $a_exclusion_filter = array() 
)
protected

Adjust permissions.

Parameters
int$a_mode
array$a_nodesarray of nodes
array$a_policiesarray of object ref ids
array$a_exclusion_filterof object types.
Returns

Definition at line 706 of file class.ilObjRole.php.

707 {
708 global $rbacadmin, $rbacreview, $tree;
709
710 $operation_stack = array();
711 $policy_stack = array();
712 $node_stack = array();
713
714 $start_node = current($a_nodes);
715 array_push($node_stack,$start_node);
716 $this->updatePolicyStack($policy_stack, $start_node['child']);
717 $this->updateOperationStack($operation_stack, $start_node['child'],true);
718
719 include_once "Services/AccessControl/classes/class.ilRbacLog.php";
720 $rbac_log_active = ilRbacLog::isActive();
721
722 $local_policy = false;
723 foreach($a_nodes as $node)
724 {
725 $cmp_node = end($node_stack);
726 while($relation = $tree->getRelationOfNodes($node,$cmp_node))
727 {
728 switch($relation)
729 {
730 case ilTree::RELATION_NONE:
731 case ilTree::RELATION_SIBLING:
732 $GLOBALS['ilLog']->write(__METHOD__.': Handling sibling/none relation.');
733 array_pop($operation_stack);
734 array_pop($policy_stack);
735 array_pop($node_stack);
736 $cmp_node = end($node_stack);
737 $local_policy = false;
738 break;
739
740 case ilTree::RELATION_CHILD:
741 case ilTree::RELATION_EQUALS:
742 case ilTree::RELATION_PARENT:
743 default:
744 $GLOBALS['ilLog']->write(__METHOD__.': Handling child/equals/parent '. $relation);
745 break 2;
746 }
747
748 }
749
750 if($local_policy)
751 {
752 continue;
753 }
754
755 // Start node => set permissions and continue
756 if($node['child'] == $start_node['child'])
757 {
758 if($this->isHandledObjectType($a_filter,$a_exclusion_filter,$node['type']))
759 {
760 if($rbac_log_active)
761 {
762 $rbac_log_roles = $rbacreview->getParentRoleIds($node['child'], false);
763 $rbac_log_old = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
764 }
765
766 // Set permissions
767 $perms = end($operation_stack);
768 $rbacadmin->grantPermission(
769 $this->getId(),
770 (array) $perms[$node['type']],
771 $node['child']
772 );
773
774 if($rbac_log_active)
775 {
776 $rbac_log_new = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
777 $rbac_log = ilRbacLog::diffFaPa($rbac_log_old, $rbac_log_new);
778 ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE_EXISTING, $node['child'], $rbac_log);
779 }
780 }
781 continue;
782 }
783
784 // Node has local policies => update permission stack and continue
785 if(in_array($node['child'], $a_policies) and ($node['child'] != SYSTEM_FOLDER_ID))
786 {
787 $local_policy = true;
788 $this->updatePolicyStack($policy_stack, $node['child']);
789 $this->updateOperationStack($operation_stack, $node['child']);
790 array_push($node_stack, $node);
791 continue;
792 }
793
794 // Continue if this object type is not in filter
795 if(!$this->isHandledObjectType($a_filter,$a_exclusion_filter,$node['type']))
796 {
797 continue;
798 }
799
800 if($rbac_log_active)
801 {
802 $rbac_log_roles = $rbacreview->getParentRoleIds($node['child'], false);
803 $rbac_log_old = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
804 }
805
806 // Node is course => create course permission intersection
807 if(($a_mode == self::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES or
808 $a_mode == self::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES) and ($node['type'] == 'crs'))
809
810 {
811 // Copy role permission intersection
812 $perms = end($operation_stack);
813 $this->createPermissionIntersection($policy_stack,$perms['crs'],$node['child'],$node['type']);
814 if($this->updateOperationStack($operation_stack,$node['child']))
815 {
816 $this->updatePolicyStack($policy_stack, $node['child']);
817 array_push($node_stack, $node);
818 }
819 }
820
821 // Node is group => create group permission intersection
822 if(($a_mode == self::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES or
823 $a_mode == self::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES) and ($node['type'] == 'grp'))
824 {
825 // Copy role permission intersection
826 $perms = end($operation_stack);
827 $this->createPermissionIntersection($policy_stack,$perms['grp'],$node['child'],$node['type']);
828 if($this->updateOperationStack($operation_stack,$node['child']))
829 {
830 $this->updatePolicyStack($policy_stack, $node['child']);
831 array_push($node_stack, $node);
832 }
833 }
834
835 // Set permission
836 $perms = end($operation_stack);
837 $rbacadmin->grantPermission(
838 $this->getId(),
839 (array) $perms[$node['type']],
840 $node['child']
841 );
842
843 if($rbac_log_active)
844 {
845 $rbac_log_new = ilRbacLog::gatherFaPa($node['child'], array_keys($rbac_log_roles));
846 $rbac_log = ilRbacLog::diffFaPa($rbac_log_old, $rbac_log_new);
847 ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE_EXISTING, $node['child'], $rbac_log);
848 }
849 }
850 }
ilObjRole\createPermissionIntersection
createPermissionIntersection($policy_stack, $a_current_ops, $a_id, $a_type)
Create course group permission intersection.
Definition: class.ilObjRole.php:961
ilObjRole\updatePolicyStack
updatePolicyStack(&$a_stack, $a_node)
Update policy stack.
Definition: class.ilObjRole.php:927
ilObjRole\isHandledObjectType
isHandledObjectType($a_filter, $a_exclusion_filter, $a_type)
Check if type is filterer.
Definition: class.ilObjRole.php:858
ilObjRole\updateOperationStack
updateOperationStack(&$a_stack, $a_node, $a_init=false)
Update operation stack.
Definition: class.ilObjRole.php:878
ilObject\getId
getId()
get object id @access public
Definition: class.ilObject.php:295
ilRbacLog\diffFaPa
static diffFaPa(array $a_old, array $a_new)
Definition: class.ilRbacLog.php:77
ilRbacLog\add
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
Definition: class.ilRbacLog.php:162
ilRbacLog\EDIT_TEMPLATE_EXISTING
const EDIT_TEMPLATE_EXISTING
Definition: class.ilRbacLog.php:22
ilRbacLog\gatherFaPa
static gatherFaPa($a_ref_id, array $a_role_ids, $a_add_action=false)
Definition: class.ilRbacLog.php:36
ilRbacLog\isActive
static isActive()
Definition: class.ilRbacLog.php:25
ilTree\RELATION_EQUALS
const RELATION_EQUALS
Definition: class.ilTree.php:33
ilTree\RELATION_PARENT
const RELATION_PARENT
Definition: class.ilTree.php:31
ilTree\RELATION_NONE
const RELATION_NONE
Definition: class.ilTree.php:34
ilTree\RELATION_SIBLING
const RELATION_SIBLING
Definition: class.ilTree.php:32
ilTree\RELATION_CHILD
const RELATION_CHILD
Definition: class.ilTree.php:30
$GLOBALS
$GLOBALS['ct_recipient']
Definition: example_form.ajax.php:4

References $GLOBALS, ilRbacLog\add(), createPermissionIntersection(), ilRbacLog\diffFaPa(), ilRbacLog\EDIT_TEMPLATE_EXISTING, ilRbacLog\gatherFaPa(), ilObject\getId(), ilRbacLog\isActive(), isHandledObjectType(), ilTree\RELATION_CHILD, ilTree\RELATION_EQUALS, ilTree\RELATION_NONE, ilTree\RELATION_PARENT, ilTree\RELATION_SIBLING, updateOperationStack(), and updatePolicyStack().

Referenced by changeExistingObjects().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ assignData()

ilObjRole::assignData (   $a_data)

loads a record "role" from array @access public

Parameters
arrayroledata

Definition at line 185 of file class.ilObjRole.php.

186 {
187 $this->setTitle(ilUtil::stripSlashes($a_data["title"]));
188 $this->setDescription(ilUtil::stripslashes($a_data["desc"]));
189 $this->setAllowRegister($a_data["allow_register"]);
190 $this->toggleAssignUsersStatus($a_data['assign_users']);
191 $this->setDiskQuota($a_data['disk_quota']);
192 $this->setPersonalWorkspaceDiskQuota($a_data['wsp_disk_quota']);
193 }
ilObjRole\setAllowRegister
setAllowRegister($a_allow_register)
set allow_register of role
Definition: class.ilObjRole.php:251
ilObjRole\toggleAssignUsersStatus
toggleAssignUsersStatus($a_assign_users)
Definition: class.ilObjRole.php:132
ilObjRole\setDiskQuota
setDiskQuota($a_disk_quota)
Definition: class.ilObjRole.php:280
ilObjRole\setPersonalWorkspaceDiskQuota
setPersonalWorkspaceDiskQuota($a_disk_quota)
Definition: class.ilObjRole.php:308
ilObject\setTitle
setTitle($a_title)
set object title
Definition: class.ilObject.php:393
ilObject\setDescription
setDescription($a_desc)
set object description
Definition: class.ilObject.php:418
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2673

References setAllowRegister(), ilObject\setDescription(), setDiskQuota(), setPersonalWorkspaceDiskQuota(), ilObject\setTitle(), ilUtil\stripSlashes(), and toggleAssignUsersStatus().

Referenced by read().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ changeExistingObjects()

ilObjRole::changeExistingObjects (   $a_start_node,
  $a_mode,
  $a_filter,
  $a_exclusion_filter = array() 
)

Change existing objects.

Parameters
int$a_start_node
int$a_mode
arrayfilter Filter of object types (array('all') => change all objects
Returns

Definition at line 636 of file class.ilObjRole.php.

637 {
638 global $tree,$rbacreview;
639
640 // Get node info of subtree
641 $nodes = $tree->getRbacSubtreeInfo($a_start_node);
642
643 // get local policies
644 $all_local_policies = $rbacreview->getObjectsWithStopedInheritance($this->getId());
645
646 // filter relevant roles
647 $local_policies = array();
648 foreach($all_local_policies as $lp)
649 {
650 if(isset($nodes[$lp]))
651 {
652 $local_policies[] = $lp;
653 }
654 }
655
656 // Delete deprecated policies
657 switch($a_mode)
658 {
659 case self::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES:
660 case self::MODE_PROTECTED_DELETE_LOCAL_POLICIES:
661 $local_policies = $this->deleteLocalPolicies($a_start_node,$local_policies,$a_filter);
662 #$local_policies = array($a_start_node == ROOT_FOLDER_ID ? SYSTEM_FOLDER_ID : $a_start_node);
663 break;
664 }
665 $this->adjustPermissions($a_mode,$nodes,$local_policies,$a_filter,$a_exclusion_filter);
666
667 #var_dump(memory_get_peak_usage());
668 #var_dump(memory_get_usage());
669 }
ilObjRole\MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
Definition: class.ilObjRole.php:17
ilObjRole\MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
Definition: class.ilObjRole.php:19
ilObjRole\deleteLocalPolicies
deleteLocalPolicies($a_start, $a_policies, $a_filter)
Delete local policies.
Definition: class.ilObjRole.php:676
ilObjRole\adjustPermissions
adjustPermissions($a_mode, $a_nodes, $a_policies, $a_filter, $a_exclusion_filter=array())
Adjust permissions.
Definition: class.ilObjRole.php:706

References adjustPermissions(), deleteLocalPolicies(), ilObject\getId(), MODE_PROTECTED_DELETE_LOCAL_POLICIES, and MODE_UNPROTECTED_DELETE_LOCAL_POLICIES.

+ Here is the call graph for this function:

◆ create()

ilObjRole::create ( )

create

@access public

Returns
integer object id

Reimplemented from ilObject.

Definition at line 225 of file class.ilObjRole.php.

226 {
227 global $ilDB;
228
229 $this->id = parent::create();
230
231 $query = "INSERT INTO role_data ".
232 "(role_id,allow_register,assign_users,disk_quota,wsp_disk_quota) ".
233 "VALUES ".
234 "(".$ilDB->quote($this->id,'integer').",".
235 $ilDB->quote($this->getAllowRegister(),'integer').",".
236 $ilDB->quote($this->getAssignUsersStatus(),'integer').",".
237 $ilDB->quote($this->getDiskQuota(),'integer').",".
238 $ilDB->quote($this->getPersonalWorkspaceDiskQuota(),'integer').")"
239 ;
240 $res = $ilDB->query($query);
241
242 return $this->id;
243 }
ilObjRole\getPersonalWorkspaceDiskQuota
getPersonalWorkspaceDiskQuota()
Definition: class.ilObjRole.php:322
ilObjRole\getAllowRegister
getAllowRegister()
get allow_register
Definition: class.ilObjRole.php:267

References ilObject\$id, $ilDB, $query, $res, getAllowRegister(), getAssignUsersStatus(), getDiskQuota(), and getPersonalWorkspaceDiskQuota().

+ Here is the call graph for this function:

◆ createDefaultRole()

static ilObjRole::createDefaultRole (   $a_title,
  $a_description,
  $a_tpl_name,
  $a_ref_id 
)
static
Parameters
type$a_title
type$a_description
type$a_tpl_name
type$a_ref_id
Returns
ilObjRole

Definition at line 60 of file class.ilObjRole.php.

61 {
62 global $ilDB;
63
64 // SET PERMISSION TEMPLATE OF NEW LOCAL CONTRIBUTOR ROLE
65 $res = $ilDB->query("SELECT obj_id FROM object_data ".
66 " WHERE type=".$ilDB->quote("rolt", "text").
67 " AND title=".$ilDB->quote($a_tpl_name, "text"));
68 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
69 {
70 $tpl_id = $row->obj_id;
71 }
72
73 if(!$tpl_id)
74 {
75 return null;
76 }
77
78 include_once './Services/AccessControl/classes/class.ilObjRole.php';
79 $role = new ilObjRole();
80 $role->setTitle($a_title);
81 $role->setDescription($a_description);
82 $role->create();
83
84 $GLOBALS['rbacadmin']->assignRoleToFolder($role->getId(),$a_ref_id,'y');
85
86 $GLOBALS['rbacadmin']->copyRoleTemplatePermissions(
87 $tpl_id,
88 ROLE_FOLDER_ID,
89 $a_ref_id,
90 $role->getId()
91 );
92
93 $ops = $GLOBALS['rbacreview']->getOperationsOfRole(
94 $role->getId(),
95 ilObject::_lookupType($a_ref_id, TRUE),
96 $a_ref_id
97 );
98 $GLOBALS['rbacadmin']->grantPermission(
99 $role->getId(),
100 $ops,
101 $a_ref_id
102 );
103 return $role;
104 }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
ilObjRole\ilObjRole
ilObjRole($a_id=0, $a_call_by_reference=false)
Constructor @access public.
Definition: class.ilObjRole.php:44
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1183

References $GLOBALS, $ilDB, $res, $row, ilObject\_lookupType(), DB_FETCHMODE_OBJECT, and ilObjRole().

Referenced by ilObjBlog\initDefaultRoles(), ilObjChatroom\initDefaultRoles(), ilObjCourse\initDefaultRoles(), ilObjForum\initDefaultRoles(), ilObjGroup\initDefaultRoles(), and ilObjOrgUnit\initDefaultRoles().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ createPermissionIntersection()

ilObjRole::createPermissionIntersection (   $policy_stack,
  $a_current_ops,
  $a_id,
  $a_type 
)
protected

Create course group permission intersection.

Parameters
arrayoperation stack
int$a_id
string$a_type
Returns

Definition at line 961 of file class.ilObjRole.php.

962 {
963 global $ilDB, $rbacreview,$rbacadmin;
964
965 static $course_non_member_id = null;
966 static $group_non_member_id = null;
967 static $group_open_id = null;
968 static $group_closed_id = null;
969
970 // Get template id
971 switch($a_type)
972 {
973 case 'grp':
974
975 include_once './Modules/Group/classes/class.ilObjGroup.php';
976 $type = ilObjGroup::lookupGroupTye(ilObject::_lookupObjId($a_id));
977 #var_dump("GROUP TYPE",$type);
978 switch($type)
979 {
980 case GRP_TYPE_CLOSED:
981 if(!$group_closed_id)
982 {
983 $query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_grp_status_closed'";
984 $res = $ilDB->query($query);
985 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
986 {
987 $group_closed_id = $row->obj_id;
988 }
989 }
990 $template_id = $group_closed_id;
991 #var_dump("GROUP CLOSED id:" . $template_id);
992 break;
993
994 case GRP_TYPE_OPEN:
995 default:
996 if(!$group_open_id)
997 {
998 $query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_grp_status_open'";
999 $res = $ilDB->query($query);
1000 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1001 {
1002 $group_open_id = $row->obj_id;
1003 }
1004 }
1005 $template_id = $group_open_id;
1006 #var_dump("GROUP OPEN id:" . $template_id);
1007 break;
1008 }
1009 break;
1010
1011 case 'crs':
1012 if(!$course_non_member_id)
1013 {
1014 $query = "SELECT obj_id FROM object_data WHERE type='rolt' AND title='il_crs_non_member'";
1015 $res = $ilDB->query($query);
1016 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1017 {
1018 $course_non_member_id = $row->obj_id;
1019 }
1020 }
1021 $template_id = $course_non_member_id;
1022 break;
1023 }
1024
1025 $current_ops = $a_current_ops[$a_type];
1026
1027 // Create intersection template permissions
1028 if($template_id)
1029 {
1030 //$rolf = $rbacreview->getRoleFolderIdOfObject($a_id);
1031
1032 $rbacadmin->copyRolePermissionIntersection(
1033 $template_id, ROLE_FOLDER_ID,
1034 $this->getId(), end($policy_stack),
1035 $a_id,$this->getId()
1036 );
1037 }
1038 else
1039 {
1040 #echo "No template id for ".$a_id.' of type'.$a_type.'<br>';
1041 }
1042 #echo "ROLE ASSIGN: ".$rolf.' AID'.$a_id;
1043 if($a_id and !$GLOBALS['rbacreview']->isRoleAssignedToObject($this->getId(),$a_id))
1044 {
1045 $rbacadmin->assignRoleToFolder($this->getId(),$a_id,"n");
1046 }
1047 return true;
1048 }
GRP_TYPE_OPEN
const GRP_TYPE_OPEN
Definition: class.ilObjGroup.php:20
GRP_TYPE_CLOSED
const GRP_TYPE_CLOSED
Definition: class.ilObjGroup.php:19
ilObjGroup\lookupGroupTye
static lookupGroupTye($a_id)
Lookup group type.
Definition: class.ilObjGroup.php:113
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1028

References $GLOBALS, $ilDB, $query, $res, $row, ilObject\$type, ilObject\_lookupObjId(), DB_FETCHMODE_OBJECT, ilObject\getId(), GRP_TYPE_CLOSED, GRP_TYPE_OPEN, and ilObjGroup\lookupGroupTye().

Referenced by adjustPermissions().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ delete()

ilObjRole::delete ( )

delete role and all related data

@access public

Returns
boolean true if all object data were removed; false if only a references were removed

Reimplemented from ilObject.

Definition at line 407 of file class.ilObjRole.php.

408 {
409 global $rbacadmin, $rbacreview,$ilDB;
410
411 // Temporary bugfix
412 if($rbacreview->hasMultipleAssignments($this->getId()))
413 {
414 $GLOBALS['ilLog']->write(__METHOD__.': Found role with multiple assignments: '.$this->getId());
415 return false;
416 }
417
418 if ($rbacreview->isAssignable($this->getId(),$this->getParent()))
419 {
420 // do not delete a global role, if the role is the last
421 // role a user is assigned to.
422 //
423 // Performance improvement: In the code section below, we
424 // only need to consider _global_ roles. We don't need
425 // to check for _local_ roles, because a user who has
426 // a local role _always_ has a global role too.
427 $last_role_user_ids = array();
428 if ($this->getParent() == ROLE_FOLDER_ID)
429 {
430 // The role is a global role: check if
431 // we find users who aren't assigned to any
432 // other global role than this one.
433 $user_ids = $rbacreview->assignedUsers($this->getId());
434
435 foreach ($user_ids as $user_id)
436 {
437 // get all roles each user has
438 $role_ids = $rbacreview->assignedRoles($user_id);
439
440 // is last role?
441 if (count($role_ids) == 1)
442 {
443 $last_role_user_ids[] = $user_id;
444 }
445 }
446 }
447
448 // users with last role found?
449 if (count($last_role_user_ids) > 0)
450 {
451 foreach ($last_role_user_ids as $user_id)
452 {
453//echo "<br>last role for user id:".$user_id.":";
454 // GET OBJECT TITLE
455 $tmp_obj = $this->ilias->obj_factory->getInstanceByObjId($user_id);
456 $user_names[] = $tmp_obj->getFullname();
457 unset($tmp_obj);
458 }
459
460 // TODO: This check must be done in rolefolder object because if multiple
461 // roles were selected the other roles are still deleted and the system does not
462 // give any feedback about this.
463 $users = implode(', ',$user_names);
464 $this->ilias->raiseError($this->lng->txt("msg_user_last_role1")." ".
465 $users."<br/>".$this->lng->txt("msg_user_last_role2"),$this->ilias->error_obj->WARNING);
466 }
467 else
468 {
469 // IT'S A BASE ROLE
470 $rbacadmin->deleteRole($this->getId(),$this->getParent());
471
472 // Delete ldap role group mappings
473 include_once('./Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php');
474 ilLDAPRoleGroupMappingSettings::_deleteByRole($this->getId());
475
476 // delete object_data entry
477 parent::delete();
478
479 // delete role_data entry
480 $query = "DELETE FROM role_data WHERE role_id = ".$ilDB->quote($this->getId(),'integer');
481 $res = $ilDB->manipulate($query);
482
483 include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
484 $role_desk_item_obj = new ilRoleDesktopItem($this->getId());
485 $role_desk_item_obj->deleteAll();
486
487 }
488 }
489 else
490 {
491 // linked local role: INHERITANCE WAS STOPPED, SO DELETE ONLY THIS LOCAL ROLE
492 $rbacadmin->deleteLocalRole($this->getId(),$this->getParent());
493 }
494 return true;
495 }
ilObjRole\getParent
getParent()
get reference id of parent object
Definition: class.ilObjRole.php:395
ilias
redirection script todo: (a better solution should control the processing via a xml file)

References $GLOBALS, $ilDB, $query, $res, ilLDAPRoleGroupMappingSettings\_deleteByRole(), ilObject\getId(), and getParent().

+ Here is the call graph for this function:

◆ deleteLocalPolicies()

ilObjRole::deleteLocalPolicies (   $a_start,
  $a_policies,
  $a_filter 
)
protected

Delete local policies.

Parameters
array$a_policiesarray of object ref ids that define local policies
Returns

Definition at line 676 of file class.ilObjRole.php.

677 {
678 global $rbacreview,$rbacadmin;
679
680 $local_policies = array();
681 foreach($a_policies as $policy)
682 {
683 if($policy == $a_start or $policy == SYSTEM_FOLDER_ID)
684 {
685 $local_policies[] = $policy;
686 continue;
687 }
688 if(!in_array('all',$a_filter) and !in_array(ilObject::_lookupType(ilObject::_lookupObjId($policy)),$a_filter))
689 {
690 $local_policies[] = $policy;
691 continue;
692 }
693 $rbacadmin->deleteLocalRole($this->getId(),$policy);
694 }
695 return $local_policies;
696 }

References ilObject\_lookupObjId(), ilObject\_lookupType(), and ilObject\getId().

Referenced by changeExistingObjects().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getAllowRegister()

ilObjRole::getAllowRegister ( )

get allow_register

@access public

Returns
integer

Definition at line 267 of file class.ilObjRole.php.

268 {
269 return $this->allow_register ? $this->allow_register : false;
270 }

Referenced by create(), and ilObjRoleGUI\readRoleProperties().

+ Here is the caller graph for this function:

◆ getAssignUsersStatus()

ilObjRole::getAssignUsersStatus ( )

Definition at line 136 of file class.ilObjRole.php.

137 {
138 return $this->assign_users ? $this->assign_users : 0;
139 }

Referenced by create(), ilObjRoleGUI\readRoleProperties(), and update().

+ Here is the caller graph for this function:

◆ getCountMembers()

ilObjRole::getCountMembers ( )

Definition at line 497 of file class.ilObjRole.php.

498 {
499 global $rbacreview;
500
501 return count($rbacreview->assignedUsers($this->getId()));
502 }

◆ getDiskQuota()

ilObjRole::getDiskQuota ( ) 
Gets the minimal disk quota imposed by this role.

Returns the minimal disk quota in bytes. The default value is 0.

@access public

Returns
integer

Definition at line 294 of file class.ilObjRole.php.

295 {
296 return $this->disk_quota;
297 }
ilObjRole\$disk_quota
$disk_quota
The disk quota in bytes.
Definition: class.ilObjRole.php:35

References $disk_quota.

Referenced by create(), ilObjRoleGUI\readRoleProperties(), and update().

+ Here is the caller graph for this function:

◆ getParent()

ilObjRole::getParent ( )

get reference id of parent object

@access public

Returns
integer ref_id of parent object

Definition at line 395 of file class.ilObjRole.php.

396 {
397 return $this->parent;
398 }

References $parent.

Referenced by delete().

+ Here is the caller graph for this function:

◆ getPersonalWorkspaceDiskQuota()

ilObjRole::getPersonalWorkspaceDiskQuota ( ) 
Gets the minimal personal workspace disk quota imposed by this role.

Returns the minimal disk quota in bytes. The default value is 0.

@access public

Returns
integer

Definition at line 322 of file class.ilObjRole.php.

323 {
324 return $this->wsp_disk_quota;
325 }

References $wsp_disk_quota.

Referenced by create(), ilObjRoleGUI\readRoleProperties(), and update().

+ Here is the caller graph for this function:

◆ getPresentationTitle()

ilObjRole::getPresentationTitle ( )

return translated title for autogenerated roles

Returns

Reimplemented from ilObject.

Definition at line 127 of file class.ilObjRole.php.

128 {
129 return ilObjRole::_getTranslation($this->getTitle());
130 }
ilObjRole\_getTranslation
_getTranslation($a_role_title)
Definition: class.ilObjRole.php:504
ilObject\getTitle
getTitle()
get object title @access public
Definition: class.ilObject.php:371

References _getTranslation(), and ilObject\getTitle().

+ Here is the call graph for this function:

◆ ilObjRole()

ilObjRole::ilObjRole (   $a_id = 0,
  $a_call_by_reference = false 
)

Constructor @access public.

Parameters
integerreference_id or object_id
booleantreat the id as reference_id (true) or object_id (false)

Definition at line 44 of file class.ilObjRole.php.

45 {
46 $this->type = "role";
47 $this->disk_quota = 0;
48 $this->wsp_disk_quota = 0;
49 $this->ilObject($a_id,$a_call_by_reference);
50 }
ilObject\ilObject
ilObject($a_id=0, $a_reference=true)
Constructor @access public.
Definition: class.ilObject.php:99

References ilObject\ilObject().

Referenced by createDefaultRole().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isAutoGenerated()

static ilObjRole::isAutoGenerated (   $a_role_id)
static

Definition at line 624 of file class.ilObjRole.php.

625 {
626 return substr(ilObject::_lookupTitle($a_role_id), 0, 3) == 'il_';
627 }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:931

References ilObject\_lookupTitle().

Referenced by ilObjRoleGUI\initFormRoleProperties().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isHandledObjectType()

ilObjRole::isHandledObjectType (   $a_filter,
  $a_exclusion_filter,
  $a_type 
)
protected

Check if type is filterer.

Parameters
array$a_filter
string$a_type
Returns

Definition at line 858 of file class.ilObjRole.php.

859 {
860 if(in_array($a_type,$a_exclusion_filter))
861 {
862 return false;
863 }
864
865 if(in_array('all',$a_filter))
866 {
867 return true;
868 }
869 return in_array($a_type,$a_filter);
870 }

Referenced by adjustPermissions().

+ Here is the caller graph for this function:

◆ read()

ilObjRole::read ( )

loads "role" from database @access private

Definition at line 158 of file class.ilObjRole.php.

159 {
160 global $ilDB;
161
162 $query = "SELECT * FROM role_data WHERE role_id= ".$ilDB->quote($this->id,'integer')." ";
163
164 $res = $ilDB->query($query);
165 if ($res->numRows() > 0)
166 {
167 $data = $ilDB->fetchAssoc($res);
168
169 // fill member vars in one shot
170 $this->assignData($data);
171 }
172 else
173 {
174 $this->ilias->raiseError("<b>Error: There is no dataset with id ".$this->id."!</b><br />class: ".get_class($this)."<br />Script: ".__FILE__."<br />Line: ".__LINE__, $this->ilias->FATAL);
175 }
176
177 parent::read();
178 }
ilObjRole\assignData
assignData($a_data)
loads a record "role" from array @access public
Definition: class.ilObjRole.php:185

References $data, $ilDB, $query, $res, and assignData().

Referenced by update().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ setAllowRegister()

ilObjRole::setAllowRegister (   $a_allow_register)

set allow_register of role

@access public

Parameters
integer

Definition at line 251 of file class.ilObjRole.php.

252 {
253 if (empty($a_allow_register))
254 {
255 $a_allow_register == 0;
256 }
257
258 $this->allow_register = (int) $a_allow_register;
259 }

Referenced by assignData(), and ilObjRoleGUI\loadRoleProperties().

+ Here is the caller graph for this function:

◆ setDiskQuota()

ilObjRole::setDiskQuota (   $a_disk_quota) 
Sets the minimal disk quota imposed by this role.

The minimal disk quota is specified in bytes. 

@access     public
@param      integer

Definition at line 280 of file class.ilObjRole.php.

281 {
282 $this->disk_quota = $a_disk_quota;
283 }

Referenced by assignData(), and ilObjRoleGUI\loadRoleProperties().

+ Here is the caller graph for this function:

◆ setParent()

ilObjRole::setParent (   $a_parent_ref)

set reference id of parent object this is neccessary for non RBAC protected objects!!!

@access public

Parameters
integerref_id of parent object

Definition at line 384 of file class.ilObjRole.php.

385 {
386 $this->parent = $a_parent_ref;
387 }

◆ setPersonalWorkspaceDiskQuota()

ilObjRole::setPersonalWorkspaceDiskQuota (   $a_disk_quota) 
Sets the minimal personal workspace disk quota imposed by this role.

The minimal disk quota is specified in bytes. 

@access     public
@param      integer

Definition at line 308 of file class.ilObjRole.php.

309 {
310 $this->wsp_disk_quota = $a_disk_quota;
311 }

Referenced by assignData(), and ilObjRoleGUI\loadRoleProperties().

+ Here is the caller graph for this function:

◆ toggleAssignUsersStatus()

ilObjRole::toggleAssignUsersStatus (   $a_assign_users)

Definition at line 132 of file class.ilObjRole.php.

133 {
134 $this->assign_users = (int) $a_assign_users;
135 }

Referenced by assignData(), and ilObjRoleGUI\loadRoleProperties().

+ Here is the caller graph for this function:

◆ update()

ilObjRole::update ( )

updates a record "role" and write it into database @access public

Reimplemented from ilObject.

Definition at line 199 of file class.ilObjRole.php.

200 {
201 global $ilDB;
202
203 $query = "UPDATE role_data SET ".
204 "allow_register= ".$ilDB->quote($this->allow_register,'integer').", ".
205 "assign_users = ".$ilDB->quote($this->getAssignUsersStatus(),'integer').", ".
206 "disk_quota = ".$ilDB->quote($this->getDiskQuota(),'integer').", ".
207 "wsp_disk_quota = ".$ilDB->quote($this->getPersonalWorkspaceDiskQuota(),'integer')." ".
208 "WHERE role_id= ".$ilDB->quote($this->id,'integer')." ";
209 $res = $ilDB->manipulate($query);
210
211 parent::update();
212
213 $this->read();
214
215 return true;
216 }
ilObjRole\read
read()
loads "role" from database @access private
Definition: class.ilObjRole.php:158

References $ilDB, $query, $res, getAssignUsersStatus(), getDiskQuota(), getPersonalWorkspaceDiskQuota(), and read().

+ Here is the call graph for this function:

◆ updateOperationStack()

ilObjRole::updateOperationStack ( $a_stack,
  $a_node,
  $a_init = false 
)
protected

Update operation stack.

Parameters
array$a_stack
int$a_node
Returns

Definition at line 878 of file class.ilObjRole.php.

879 {
880 global $rbacreview;
881
882 $has_policies = null;
883 $policy_origin = null;
884
885 if($a_node == ROOT_FOLDER_ID)
886 {
887 $has_policies = TRUE;
888 $policy_origin = ROLE_FOLDER_ID;
889 }
890 else
891 {
892 $has_policies = $rbacreview->getLocalPolicies($a_node);
893 $policy_origin = $a_node;
894
895 if($a_init)
896 {
897 $parent_roles = $rbacreview->getParentRoleIds($a_node,false);
898 if($parent_roles[$this->getId()])
899 {
900 $a_stack[] = $rbacreview->getAllOperationsOfRole(
901 $this->getId(),
902 $parent_roles[$this->getId()]['parent']
903 );
904 }
905 return true;
906 }
907
908 }
909
910 if(!$has_policies)
911 {
912 return false;
913 }
914
915 $a_stack[] = $rbacreview->getAllOperationsOfRole(
916 $this->getId(),
917 $policy_origin
918 );
919 return true;
920 }

References ilObject\getId().

Referenced by adjustPermissions().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ updatePolicyStack()

ilObjRole::updatePolicyStack ( $a_stack,
  $a_node 
)
protected

Update policy stack.

Parameters
object$a_node
Returns

Definition at line 927 of file class.ilObjRole.php.

928 {
929 global $rbacreview;
930
931 $has_policies = null;
932 $policy_origin = null;
933
934 if($a_node == ROOT_FOLDER_ID)
935 {
936 $has_policies = TRUE;
937 $policy_origin = ROLE_FOLDER_ID;
938 }
939 else
940 {
941 $has_policies = $rbacreview->getLocalPolicies($a_node);
942 $policy_origin = $a_node;
943 }
944
945 if(!$has_policies)
946 {
947 return false;
948 }
949
950 $a_stack[] = $policy_origin;
951 return true;
952 }

Referenced by adjustPermissions().

+ Here is the caller graph for this function:

◆ validate()

ilObjRole::validate ( )

Validate role data.

Returns
bool

Definition at line 111 of file class.ilObjRole.php.

112 {
113 global $ilErr;
114
115 if(substr($this->getTitle(),0,3) == 'il_')
116 {
117 $ilErr->setMessage('msg_role_reserved_prefix');
118 return false;
119 }
120 return true;
121 }
$ilErr
$ilErr
Definition: inc.setup_header.php:81

References $ilErr, and ilObject\getTitle().

+ Here is the call graph for this function:

Field Documentation

◆ $allow_register

ilObjRole::$allow_register

Definition at line 31 of file class.ilObjRole.php.

◆ $assign_users

ilObjRole::$assign_users

Definition at line 32 of file class.ilObjRole.php.

◆ $disk_quota

ilObjRole::$disk_quota

The disk quota in bytes.

Definition at line 35 of file class.ilObjRole.php.

Referenced by getDiskQuota().

◆ $parent

ilObjRole::$parent

Definition at line 29 of file class.ilObjRole.php.

Referenced by getParent().

◆ $wsp_disk_quota

ilObjRole::$wsp_disk_quota

Definition at line 36 of file class.ilObjRole.php.

Referenced by getPersonalWorkspaceDiskQuota().

◆ MODE_PROTECTED_DELETE_LOCAL_POLICIES

const ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES = 1

Definition at line 17 of file class.ilObjRole.php.

Referenced by changeExistingObjects(), ilDidacticTemplateLocalPolicyAction\createLocalPolicy(), ilObjRoleFolderGUI\doCopyRole(), ilDidacticTemplateLocalPolicyAction\revert(), ilDidacticTemplateLocalPolicyAction\revertLocalPolicy(), and ilObjRoleGUI\showChangeExistingObjectsConfirmation().

◆ MODE_PROTECTED_KEEP_LOCAL_POLICIES

const ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES = 2

Definition at line 18 of file class.ilObjRole.php.

Referenced by ilPermissionGUI\addRole(), ilObjRoleGUI\permSaveObject(), and ilObjRoleGUI\showChangeExistingObjectsConfirmation().

◆ MODE_UNPROTECTED_DELETE_LOCAL_POLICIES

const ilObjRole::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES = 3

Definition at line 19 of file class.ilObjRole.php.

Referenced by changeExistingObjects(), ilDidacticTemplateLocalPolicyAction\createLocalPolicy(), ilDidacticTemplateBlockRoleAction\deleteLocalPolicy(), ilObjRoleFolderGUI\doCopyRole(), ilDidacticTemplateLocalPolicyAction\revert(), ilDidacticTemplateLocalPolicyAction\revertLocalPolicy(), and ilObjRoleGUI\showChangeExistingObjectsConfirmation().

◆ MODE_UNPROTECTED_KEEP_LOCAL_POLICIES

const ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES = 4

Definition at line 20 of file class.ilObjRole.php.

Referenced by ilPermissionGUI\addRole(), ilObjRoleGUI\permSaveObject(), and ilObjRoleGUI\showChangeExistingObjectsConfirmation().

The documentation for this class was generated from the following file: