ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilRbacLog.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3
15{
17 const MOVE_OBJECT = 2;
18 const LINK_OBJECT = 3;
19 const COPY_OBJECT = 4;
20 const CREATE_OBJECT = 5;
21 const EDIT_TEMPLATE = 6;
23 const CHANGE_OWNER = 8;
24
25 static public function isActive()
26 {
27 include_once "Services/PrivacySecurity/classes/class.ilPrivacySettings.php";
29 if($settings->enabledRbacLog())
30 {
31 return true;
32 }
33 return false;
34 }
35
36 static public function gatherFaPa($a_ref_id, array $a_role_ids, $a_add_action = false)
37 {
38 global $rbacreview;
39
40 $result = array();
41
42 // #10946 - if result is written to log directly we need to add an "action" dimension
43 // if result is used as input to diffFaPa() we need "raw" data
44
45 // roles
46 foreach($a_role_ids as $role_id)
47 {
48 if ($role_id != SYSTEM_ROLE_ID)
49 {
50 if($a_add_action)
51 {
52 $result["ops"][$role_id]["add"] = $rbacreview->getRoleOperationsOnObject($role_id, $a_ref_id);
53 }
54 else
55 {
56 $result["ops"][$role_id] = $rbacreview->getRoleOperationsOnObject($role_id, $a_ref_id);
57 }
58 }
59 }
60
61 // inheritance
62 if($a_ref_id && $a_ref_id != ROLE_FOLDER_ID)
63 {
64 if($a_add_action)
65 {
66 $result["inht"]["add"] = $rbacreview->getRolesOfRoleFolder($a_ref_id);
67 }
68 else
69 {
70 $result["inht"] = $rbacreview->getRolesOfRoleFolder($a_ref_id);
71 }
72 }
73
74 return $result;
75 }
76
77 static public function diffFaPa(array $a_old, array $a_new)
78 {
79 $result = array();
80
81 // roles
82 foreach((array) $a_old["ops"] as $role_id => $ops)
83 {
84 $diff = array_diff($ops, $a_new["ops"][$role_id]);
85 if(sizeof($diff))
86 {
87 $result["ops"][$role_id]["rmv"] = array_values($diff);
88 }
89 $diff = array_diff($a_new["ops"][$role_id], $ops);
90 if(sizeof($diff))
91 {
92 $result["ops"][$role_id]["add"] = array_values($diff);
93 }
94 }
95
96 if(isset($a_old["inht"]) || isset($a_new["inht"]))
97 {
98 if(isset($a_old["inht"]) && !isset($a_new["inht"]))
99 {
100 $result["inht"]["rmv"] = $a_old["inht"];
101 }
102 else if(!isset($a_old["inht"]) && isset($a_new["inht"]))
103 {
104 $result["inht"]["add"] = $a_new["inht"];
105 }
106 else
107 {
108 $diff = array_diff($a_old["inht"], $a_new["inht"]);
109 if(sizeof($diff))
110 {
111 $result["inht"]["rmv"] = array_values($diff);
112 }
113 $diff = array_diff($a_new["inht"], $a_old["inht"]);
114 if(sizeof($diff))
115 {
116 $result["inht"]["add"] = array_values($diff);
117 }
118 }
119 }
120
121 return $result;
122 }
123
124 static public function gatherTemplate($a_role_ref_id, $a_role_id)
125 {
126 global $rbacreview;
127
128 return $rbacreview->getAllOperationsOfRole($a_role_id, $a_role_ref_id);
129 }
130
131 static public function diffTemplate(array $a_old, array $a_new)
132 {
133 $result = array();
134 $types = array_unique(array_merge(array_keys($a_old), array_keys($a_new)));
135 foreach($types as $type)
136 {
137 if(!isset($a_old[$type]))
138 {
139 $result[$type]["add"] = $a_new[$type];
140 }
141 else if(!isset($a_new[$type]))
142 {
143 $result[$type]["rmv"] = $a_old[$type];
144 }
145 else
146 {
147 $diff = array_diff($a_old[$type], $a_new[$type]);
148 if(sizeof($diff))
149 {
150 $result[$type]["rmv"] = array_values($diff);
151 }
152 $diff = array_diff($a_new[$type], $a_old[$type]);
153 if(sizeof($diff))
154 {
155 $result[$type]["add"] = array_values($diff);
156 }
157 }
158 }
159 return $result;
160 }
161
162 static public function add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id = false)
163 {
164 global $ilUser, $ilDB;
165
166 if(self::isValidAction($a_action) && sizeof($a_diff))
167 {
168 if($a_source_ref_id)
169 {
170 $a_diff["src"] = $a_source_ref_id;
171 }
172 $id = $ilDB->nextId('rbac_log');
173
174 $ilDB->query("INSERT INTO rbac_log (log_id, user_id, created, ref_id, action, data)".
175 " VALUES (".$ilDB->quote($id, "integer").",".$ilDB->quote($ilUser->getId(), "integer").
176 ",".$ilDB->quote(time(), "integer").
177 ",".$ilDB->quote($a_ref_id, "integer").",".$ilDB->quote($a_action, "integer").
178 ",".$ilDB->quote(serialize($a_diff), "text").")");
179 return true;
180 }
181 return false;
182 }
183
184 static protected function isValidAction($a_action)
185 {
186 if(in_array($a_action, array(self::EDIT_PERMISSIONS, self::MOVE_OBJECT, self::LINK_OBJECT,
187 self::COPY_OBJECT, self::CREATE_OBJECT, self::EDIT_TEMPLATE, self::EDIT_TEMPLATE_EXISTING,
188 self::CHANGE_OWNER)))
189 {
190 return true;
191 }
192 return false;
193 }
194
195 static public function getLogItems($a_ref_id, $a_limit, $a_offset, array $a_filter = NULL)
196 {
197 global $ilDB, $rbacreview;
198
199 if($a_filter)
200 {
201 $where = NULL;
202 if($a_filter["action"])
203 {
204 $where[] = "action = ".$ilDB->quote($a_filter["action"], "integer");
205 }
206 if($a_filter["date"]["from"])
207 {
208 $from = $a_filter["date"]["from"]->get(IL_CAL_UNIX);
209 $from = strtotime("00:00:00", $from);
210 $where[] = "created >= ".$ilDB->quote($from, "integer");
211 }
212 if($a_filter["date"]["to"])
213 {
214 $to = $a_filter["date"]["to"]->get(IL_CAL_UNIX);
215 $to = strtotime("23:59:59", $to);
216 $where[] = "created <= ".$ilDB->quote($to, "integer");
217 }
218 if(sizeof($where))
219 {
220 $where = " AND ".implode(" AND ", $where);
221 }
222 }
223
224 $set = $ilDB->query("SELECT COUNT(*) FROM rbac_log WHERE ref_id = ".$ilDB->quote($a_ref_id, "integer").$where);
225 $count = array_pop($ilDB->fetchAssoc($set));
226
227 $ilDB->setLimit($a_limit, $a_offset);
228 $set = $ilDB->query("SELECT * FROM rbac_log WHERE ref_id = ".$ilDB->quote($a_ref_id, "integer").
229 $where." ORDER BY created DESC");
230 $result = array();
231 while($row = $ilDB->fetchAssoc($set))
232 {
233 $row["data"] = unserialize($row["data"]);
234 $result[] = $row;
235 }
236 return array("cnt"=>$count, "set"=>$result);
237 }
238
239 static function delete($a_ref_id)
240 {
241 global $ilDB;
242
243 $ilDB->query("DELETE FROM rbac_log WHERE ref_id = ".$ilDB->quote($a_ref_id, "integer"));
244
246 }
247
248 static function garbageCollection()
249 {
250 global $ilDB;
251
252 include_once "Services/PrivacySecurity/classes/class.ilPrivacySettings.php";
254 $max = $settings->getRbacLogAge();
255
256 $ilDB->query("DELETE FROM rbac_log WHERE created < ".$ilDB->quote(strtotime("-".$max."months"), "integer"));
257 }
258}
259
260?>
$result
const IL_CAL_UNIX
static _getInstance()
Get instance of ilPrivacySettings.
class ilRbacLog Log changes in Rbac-related settings
static getLogItems($a_ref_id, $a_limit, $a_offset, array $a_filter=NULL)
const EDIT_PERMISSIONS
static diffTemplate(array $a_old, array $a_new)
const COPY_OBJECT
const MOVE_OBJECT
static diffFaPa(array $a_old, array $a_new)
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
static gatherTemplate($a_role_ref_id, $a_role_id)
const EDIT_TEMPLATE_EXISTING
const CHANGE_OWNER
static garbageCollection()
const LINK_OBJECT
const EDIT_TEMPLATE
static gatherFaPa($a_ref_id, array $a_role_ids, $a_add_action=false)
static isActive()
static isValidAction($a_action)
const CREATE_OBJECT
global $ilDB
global $ilUser
Definition: imgupload.php:15