ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes | Static Protected Attributes | Static Private Attributes
ilRbacReview Class Reference
Services/AccessControl

class ilRbacReview Contains Review functions of core Rbac. More...

+ Collaboration diagram for ilRbacReview:

Public Member Functions

 __construct ()
 Constructor public. More...
 
 searchRolesByMailboxAddressList ($a_address_list)
 Finds all role ids that match the specified user friendly role mailbox address list. More...
 
 getRoleMailboxAddress ($a_role_id, $is_localize=true)
 Returns the mailbox address of a role. More...
 
 roleExists ($a_title, $a_id=0)
 Checks if a role already exists. More...
 
 getParentRoleIds ($a_endnode_id, $a_templates=false)
 get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates public More...
 
 getRoleListByObject ($a_ref_id, $a_templates=false)
 Returns a list of roles in an container public. More...
 
 getAssignableRoles ($a_templates=false, $a_internal_roles=false, $title_filter='')
 Returns a list of all assignable roles public. More...
 
 getAssignableRolesInSubtree ($ref_id)
 Returns a list of assignable roles in a subtree of the repository public. More...
 
 getAssignableChildRoles ($a_ref_id)
 Get all assignable roles directly under a specific node public. More...
 
 getNumberOfAssignedUsers (Array $a_roles)
 Get the number of assigned users to roles ilDB $ilDB. More...
 
 assignedUsers ($a_rol_id, $a_fields=NULL)
 get all assigned users to a given role public More...
 
 isAssigned ($a_usr_id, $a_role_id)
 check if a specific user is assigned to specific role public More...
 
 isAssignedToAtLeastOneGivenRole ($a_usr_id, $a_role_ids)
 check if a specific user is assigned to at least one of the given role ids. More...
 
 assignedRoles ($a_usr_id)
 get all assigned roles to a given user public More...
 
 assignedGlobalRoles ($a_usr_id)
 Get assigned global roles for an user. More...
 
 isAssignable ($a_rol_id, $a_ref_id)
 Check if its possible to assign users public. More...
 
 hasMultipleAssignments ($a_role_id)
 Temporary bugfix. More...
 
 getFoldersAssignedToRole ($a_rol_id, $a_assignable=false)
 Returns an array of objects assigned to a role. More...
 
 getRolesOfObject ($a_ref_id, $a_assignable_only=FALSE)
 Get roles of object. More...
 
 getRolesOfRoleFolder ($a_ref_id, $a_nonassignable=true)
 get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids public More...
 
 getGlobalRoles ()
 get only 'global' roles public More...
 
 getLocalRoles ($a_ref_id)
 Get local roles of object. More...
 
 getLocalPolicies ($a_ref_id)
 Get all roles with local policies. More...
 
 getGlobalRolesArray ()
 get only 'global' roles public More...
 
 getGlobalAssignableRoles ()
 get only 'global' roles (with flag 'assign_users') public More...
 
 isRoleAssignedToObject ($a_role_id, $a_parent_id)
 Check if role is assigned to an object. More...
 
 getOperations ()
 get all possible operations public More...
 
 getOperation ($ops_id)
 get one operation by operation id public More...
 
 getAllOperationsOfRole ($a_rol_id, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public More...
 
 getActiveOperationsOfRole ($a_ref_id, $a_role_id)
 Get active operations for a role. More...
 
 getOperationsOfRole ($a_rol_id, $a_type, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public More...
 
 getRoleOperationsOnObject ($a_role_id, $a_ref_id)
 ilDB $ilDB More...
 
 getOperationsOnType ($a_typ_id)
 all possible operations of a type public More...
 
 getOperationsOnTypeString ($a_type)
 all possible operations of a type public More...
 
 getOperationsByTypeAndClass ($a_type, $a_class)
 Get operations by type and class. More...
 
 getObjectsWithStopedInheritance ($a_rol_id, $a_filter=array())
 get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder. More...
 
 isDeleted ($a_node_id)
 Checks if a rolefolder is set as deleted (negative tree_id) public. More...
 
 isGlobalRole ($a_role_id)
 Check if role is a global role. More...
 
 getRolesByFilter ($a_filter=0, $a_user_id=0, $title_filter='')
 ilDB $ilDB More...
 
 getTypeId ($a_type)
 Get type id of object ilDB $ilDB. More...
 
 isProtected ($a_ref_id, $a_role_id)
 
 isBlockedAtPosition ($a_role_id, $a_ref_id)
 Check if role is blocked at position ilDB $ilDB. More...
 
 isBlockedInUpperContext ($a_role_id, $a_ref_id)
 Check if role is blocked in upper context. More...
 
 getObjectOfRole ($a_role_id)
 Get object id of objects a role is assigned to. More...
 
 getObjectReferenceOfRole ($a_role_id)
 Get reference of role. More...
 
 isRoleDeleted ($a_role_id)
 return if role is only attached to deleted role folders More...
 
 getRolesForIDs ($role_ids, $use_templates)
 ilDB $ilDB More...
 
 getOperationAssignment ()
 get operation assignments More...
 
 isDeleteable ($a_role_id, $a_rolf_id)
 Check if role is deleteable at a specific position. More...
 
 isSystemGeneratedRole ($a_role_id)
 Check if the role is system generate role or role template. More...
 
 getRoleFolderOfRole ($a_role_id)
 Get role folder of role ilDB $ilDB. More...
 
 getUserPermissionsOnObject ($a_user_id, $a_ref_id)
 Get all user permissions on an object. More...
 
 setAssignedCacheEntry ($a_role_id, $a_user_id, $a_value)
 set entry of assigned_chache More...
 
 getAssignedCacheEntry ($a_role_id, $a_user_id)
 get entry of assigned_chache More...
 
 clearCaches ()
 Clear assigned users caches. More...
 

Static Public Member Functions

static _getOperationIdsByName ($operations)
 get ops_id's by name. More...
 
static _getOperationIdByName ($a_operation)
 get operation id by name of operation public static More...
 
static lookupCreateOperationIds ($a_type_arr)
 Lookup operation ids. More...
 
static _getOperationList ($a_type=null)
 get operation list by object type public static More...
 
static _groupOperationsByClass ($a_ops_arr)
 

Data Fields

const FILTER_ALL = 1
 
const FILTER_ALL_GLOBAL = 2
 
const FILTER_ALL_LOCAL = 3
 
const FILTER_INTERNAL = 4
 
const FILTER_NOT_INTERNAL = 5
 
const FILTER_TEMPLATES = 6
 
 $log = null
 

Protected Member Functions

 __getParentRoles ($a_path, $a_templates)
 Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan. More...
 
 __setTemplateFilter ($a_templates)
 get roles and templates or only roles; returns string for where clause private More...
 
 __setRoleType ($a_role_list)
 computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates More...
 
 __setProtectedStatus ($a_parent_roles, $a_role_hierarchy, $a_ref_id)
 Set protected status type $rbacsystem type $ilUser type $log. More...
 

Protected Attributes

 $assigned_roles = array()
 

Static Protected Attributes

static $assigned_users_cache = array()
 
static $is_assigned_cache = array()
 

Static Private Attributes

static $_opsCache = null
 

Detailed Description

class ilRbacReview Contains Review functions of core Rbac.

This class offers the possibility to view the contents of the user <-> role (UR) relation and the permission <-> role (PR) relation. For example, from the UA relation the administrator should have the facility to view all user assigned to a given role.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Sascha Hofmann sasch.nosp@m.ahof.nosp@m.mann@.nosp@m.gmx..nosp@m.de
Version
$Id$

Definition at line 19 of file class.ilRbacReview.php.

Constructor & Destructor Documentation

◆ __construct()

ilRbacReview::__construct ( )

Constructor public.

Definition at line 48 of file class.ilRbacReview.php.

References $ilDB, $ilErr, $ilLog, if, and PEAR_ERROR_CALLBACK.

49  {
50  global $ilDB,$ilErr,$ilias,$ilLog;
51 
52  $this->log =& $ilLog;
53 
54  // set db & error handler
55  (isset($ilDB)) ? $this->ilDB =& $ilDB : $this->ilDB =& $ilias->db;
56 
57  if (!isset($ilErr))
58  {
59  $ilErr = new ilErrorHandling();
60  $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK,array($ilErr,'errorHandler'));
61  }
62  else
63  {
64  $this->ilErr =& $ilErr;
65  }
66  }
PEAR_ERROR_CALLBACK
const PEAR_ERROR_CALLBACK
Definition: PEAR.php:35
$ilLog
$ilLog
Definition: inc.setup_header.php:136
if
if(!file_exists(getcwd().'/ilias.ini.php')) if(isset( $_GET["client_id"]))
registration confirmation script for ilias
Definition: confirmReg.php:20
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$ilErr
$ilErr
Definition: inc.setup_header.php:67

Member Function Documentation

◆ __getParentRoles()

ilRbacReview::__getParentRoles (   $a_path,
  $a_templates 
)
protected

Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan.

Get parent roles in a path. If last parameter is set 'true' it delivers also all templates in the path protected

Parameters
arrayarray with path_ids
booleantrue for role templates (default: false)
Returns
array array with all parent roles (obj_ids)
Todo:
refactor rolf => DONE

Definition at line 605 of file class.ilRbacReview.php.

References $ref_id, __setProtectedStatus(), and getRoleListByObject().

Referenced by getParentRoleIds().

606  {
607  if (!isset($a_path) or !is_array($a_path))
608  {
609  $message = get_class($this)."::getParentRoles(): No path given or wrong datatype!";
610  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
611  }
612 
613  $parent_roles = array();
614  $role_hierarchy = array();
615 
616  foreach($a_path as $ref_id)
617  {
618  $roles = $this->getRoleListByObject($ref_id,$a_templates);
619  foreach($roles as $role)
620  {
621  $id = $role["obj_id"];
622  $role["parent"] = $ref_id;
623  $parent_roles[$id] = $role;
624 
625  if (!array_key_exists($role['obj_id'],$role_hierarchy))
626  {
627  $role_hierarchy[$id] = $ref_id;
628  }
629  }
630  }
631  return $this->__setProtectedStatus($parent_roles,$role_hierarchy,reset($a_path));
632  }
ilRbacReview\getRoleListByObject
getRoleListByObject($a_ref_id, $a_templates=false)
Returns a list of roles in an container public.
Definition: class.ilRbacReview.php:674
ilRbacReview\__setProtectedStatus
__setProtectedStatus($a_parent_roles, $a_role_hierarchy, $a_ref_id)
Set protected status type $rbacsystem type $ilUser type $log.
Definition: class.ilRbacReview.php:1998
$ref_id
$ref_id
Definition: sahs_server.php:39
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setProtectedStatus()

ilRbacReview::__setProtectedStatus (   $a_parent_roles,
  $a_role_hierarchy,
  $a_ref_id 
)
protected

Set protected status type $rbacsystem type $ilUser type $log.

Parameters
type$a_parent_roles
type$a_role_hierarchy
type$a_ref_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1998 of file class.ilRbacReview.php.

References $ilUser, $log, and assignedRoles().

Referenced by __getParentRoles().

1999  {
2000  //vd('refId',$a_ref_id,'parent roles',$a_parent_roles,'role-hierarchy',$a_role_hierarchy);
2001 
2002  global $rbacsystem,$ilUser,$log;
2003 
2004  if (in_array(SYSTEM_ROLE_ID,$this->assignedRoles($ilUser->getId())))
2005  {
2006  $leveladmin = true;
2007  }
2008  else
2009  {
2010  $leveladmin = false;
2011  }
2012  #vd("RoleHierarchy",$a_role_hierarchy);
2013  foreach ($a_role_hierarchy as $role_id => $rolf_id)
2014  {
2015  //$log->write("ilRBACreview::__setProtectedStatus(), 0");
2016  #echo "<br/>ROLF: ".$rolf_id." ROLE_ID: ".$role_id." (".$a_parent_roles[$role_id]['title'].") ";
2017  //var_dump($leveladmin,$a_parent_roles[$role_id]['protected']);
2018 
2019  if ($leveladmin == true)
2020  {
2021  $a_parent_roles[$role_id]['protected'] = false;
2022  continue;
2023  }
2024 
2025  if ($a_parent_roles[$role_id]['protected'] == true)
2026  {
2027  $arr_lvl_roles_user = array_intersect($this->assignedRoles($ilUser->getId()),array_keys($a_role_hierarchy,$rolf_id));
2028 
2029  #vd("intersection",$arr_lvl_roles_user);
2030 
2031  foreach ($arr_lvl_roles_user as $lvl_role_id)
2032  {
2033  #echo "<br/>level_role: ".$lvl_role_id;
2034  #echo "<br/>a_ref_id: ".$a_ref_id;
2035 
2036  //$log->write("ilRBACreview::__setProtectedStatus(), 1");
2037  // check if role grants 'edit_permission' to parent
2038  $rolf = $a_parent_roles[$role_id]['parent'];
2039  #$parent_obj = $GLOBALS['tree']->getParentId($rolf);
2040  if ($rbacsystem->checkPermission($rolf,$lvl_role_id,'edit_permission'))
2041  {
2042  #echo "<br />Permission granted";
2043  //$log->write("ilRBACreview::__setProtectedStatus(), 2");
2044  // user may change permissions of that higher-ranked role
2045  $a_parent_roles[$role_id]['protected'] = false;
2046 
2047  // remember successful check
2048  //$leveladmin = true;
2049  }
2050  }
2051  }
2052  }
2053  return $a_parent_roles;
2054  }
$ilUser
global $ilUser
Definition: imgupload.php:15
ilRbacReview\assignedRoles
assignedRoles($a_usr_id)
get all assigned roles to a given user public
Definition: class.ilRbacReview.php:1038
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setRoleType()

ilRbacReview::__setRoleType (   $a_role_list)
protected

computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates

private

Parameters
arrayrole list
Returns
array role list with additional entry for role_type
Todo:
refactor rolf => DONE

Definition at line 843 of file class.ilRbacReview.php.

Referenced by getAssignableRoles(), getRoleListByObject(), getRolesByFilter(), and getRolesForIDs().

844  {
845  foreach ($a_role_list as $key => $val)
846  {
847  // determine role type
848  if ($val["type"] == "rolt")
849  {
850  $a_role_list[$key]["role_type"] = "template";
851  }
852  else
853  {
854  if ($val["assign"] == "y")
855  {
856  if ($val["parent"] == ROLE_FOLDER_ID)
857  {
858  $a_role_list[$key]["role_type"] = "global";
859  }
860  else
861  {
862  $a_role_list[$key]["role_type"] = "local";
863  }
864  }
865  else
866  {
867  $a_role_list[$key]["role_type"] = "linked";
868  }
869  }
870 
871  if ($val["protected"] == "y")
872  {
873  $a_role_list[$key]["protected"] = true;
874  }
875  else
876  {
877  $a_role_list[$key]["protected"] = false;
878  }
879  }
880 
881  return $a_role_list;
882  }
+ Here is the caller graph for this function:

◆ __setTemplateFilter()

ilRbacReview::__setTemplateFilter (   $a_templates)
protected

get roles and templates or only roles; returns string for where clause private

Parameters
booleantrue: with templates
Returns
string where clause
Todo:
refactor rolf => DONE

Definition at line 815 of file class.ilRbacReview.php.

References $ilDB.

Referenced by getAssignableRoles(), getRoleListByObject(), and getRolesForIDs().

816  {
817  global $ilDB;
818 
819  if ($a_templates === true)
820  {
821  $where = "WHERE ".$ilDB->in('object_data.type',array('role','rolt'),false,'text')." ";
822  }
823  else
824  {
825  $where = "WHERE ".$ilDB->in('object_data.type',array('role'),false,'text')." ";
826  }
827 
828  return $where;
829  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _getOperationIdByName()

static ilRbacReview::_getOperationIdByName (   $a_operation)
static

get operation id by name of operation public static

Parameters
stringoperation name
Returns
integer operation id
Todo:
refactor rolf => DONE

Definition at line 1839 of file class.ilRbacReview.php.

References $ilDB, $ilErr, $r, $row, and DB_FETCHMODE_OBJECT.

Referenced by ilRbacSystem\checkAccessOfUser(), and ilObjBlog\getRolesWithContributeOrRedact().

1840  {
1841  global $ilDB,$ilErr;
1842 
1843  if (!isset($a_operation))
1844  {
1845  $message = "perm::getOperationId(): No operation given!";
1846  $ilErr->raiseError($message,$ilErr->WARNING);
1847  }
1848 
1849  // Cache operation ids
1850  if (! is_array(self::$_opsCache)) {
1851  self::$_opsCache = array();
1852 
1853  $q = "SELECT ops_id, operation FROM rbac_operations";
1854  $r = $ilDB->query($q);
1855  while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
1856  {
1857  self::$_opsCache[$row->operation] = $row->ops_id;
1858  }
1859  }
1860 
1861  // Get operation ID by name from cache
1862  if (array_key_exists($a_operation, self::$_opsCache)) {
1863  return self::$_opsCache[$a_operation];
1864  }
1865  return null;
1866  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$r
$r
Definition: example_031.php:79
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$ilErr
$ilErr
Definition: inc.setup_header.php:67
+ Here is the caller graph for this function:

◆ _getOperationIdsByName()

static ilRbacReview::_getOperationIdsByName (   $operations)
static

get ops_id's by name.

Example usage: $rbacadmin->grantPermission($roles,ilRbacReview::_getOperationIdsByName(array('visible','read'),$ref_id));

public

Parameters
arraystring name of operation. see rbac_operations
Returns
array integer ops_id's
Todo:
refactor rolf => DONE

Definition at line 1811 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by ilUtil\_getObjectsByOperations(), ilLicense\getPotentialAccesses(), and ilECSObjectSettings\handlePermissionUpdate().

1812  {
1813  global $ilDB;
1814 
1815  if(!count($operations))
1816  {
1817  return array();
1818  }
1819 
1820  $query = 'SELECT ops_id FROM rbac_operations '.
1821  'WHERE '.$ilDB->in('operation',$operations,false,'text');
1822 
1823  $res = $ilDB->query($query);
1824  while($row = $ilDB->fetchObject($res))
1825  {
1826  $ops_ids[] = $row->ops_id;
1827  }
1828  return $ops_ids ? $ops_ids : array();
1829  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _getOperationList()

static ilRbacReview::_getOperationList (   $a_type = null)
static

get operation list by object type public static

Parameters
stringobject type you want to have the operation list
stringorder column
stringorder direction (possible values: ASC or DESC)
Returns
array returns array of operations
Todo:
refactor rolf => DONE

Definition at line 2066 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by ilSettingsPermissionGUI\__construct(), ilObjTypeDefinitionGUI\editObject(), ilObjectPermissionStatusGUI\getAccessPermissionTableData(), ilObjectPermissionStatusGUI\getAssignedValidRoles(), ilObjRoleTemplateGUI\permObject(), and ilObjTypeDefinitionGUI\viewObject().

2067  {
2068  global $ilDB;
2069 
2070  $arr = array();
2071 
2072  if ($a_type)
2073  {
2074  $query = sprintf('SELECT * FROM rbac_operations '.
2075  'JOIN rbac_ta ON rbac_operations.ops_id = rbac_ta.ops_id '.
2076  'JOIN object_data ON rbac_ta.typ_id = object_data.obj_id '.
2077  'WHERE object_data.title = %s '.
2078  'AND object_data.type = %s '.
2079  'ORDER BY op_order ASC',
2080  $ilDB->quote($a_type,'text'),
2081  $ilDB->quote('typ','text'));
2082  }
2083  else
2084  {
2085  $query = 'SELECT * FROM rbac_operations ORDER BY op_order ASC';
2086  }
2087  $res = $ilDB->query($query);
2088  while ($row = $ilDB->fetchAssoc($res))
2089  {
2090  $arr[] = array(
2091  "ops_id" => $row['ops_id'],
2092  "operation" => $row['operation'],
2093  "desc" => $row['description'],
2094  "class" => $row['class'],
2095  "order" => $row['op_order']
2096  );
2097  }
2098  return $arr;
2099  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _groupOperationsByClass()

static ilRbacReview::_groupOperationsByClass (   $a_ops_arr)
static
Parameters
type$a_ops_arr
Returns
type
Todo:
refactor rolf => DONE

Definition at line 2107 of file class.ilRbacReview.php.

2108  {
2109  $arr = array();
2110 
2111  foreach ($a_ops_arr as $ops)
2112  {
2113  $arr[$ops['class']][] = array ('ops_id' => $ops['ops_id'],
2114  'name' => $ops['operation']
2115  );
2116  }
2117  return $arr;
2118  }

◆ assignedGlobalRoles()

ilRbacReview::assignedGlobalRoles (   $a_usr_id)

Get assigned global roles for an user.

Parameters
int$a_usr_idId of user account
Todo:
refactor rolf => DONE

Definition at line 1059 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

1060  {
1061  global $ilDB;
1062 
1063  $query = "SELECT ua.rol_id FROM rbac_ua ua ".
1064  "JOIN rbac_fa fa ON ua.rol_id = fa.rol_id ".
1065  "WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer').' '.
1066  "AND parent = ".$ilDB->quote(ROLE_FOLDER_ID)." ".
1067  "AND assign = 'y' ";
1068 
1069  $res = $ilDB->query($query);
1070  while($row = $ilDB->fetchObject($res))
1071  {
1072  $role_arr[] = $row->rol_id;
1073  }
1074  return $role_arr ? $role_arr : array();
1075  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ assignedRoles()

ilRbacReview::assignedRoles (   $a_usr_id)

get all assigned roles to a given user public

Parameters
integerusr_id
Returns
array all roles (id) the user have
Todo:
refactor rolf => DONE

Definition at line 1038 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by __setProtectedStatus(), and getRolesByFilter().

1039  {
1040  global $ilDB;
1041 
1042  $role_arr = array();
1043 
1044  $query = "SELECT rol_id FROM rbac_ua WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer');
1045 
1046  $res = $ilDB->query($query);
1047  while($row = $ilDB->fetchObject($res))
1048  {
1049  $role_arr[] = $row->rol_id;
1050  }
1051  return $role_arr ? $role_arr : array();
1052  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ assignedUsers()

ilRbacReview::assignedUsers (   $a_rol_id,
  $a_fields = NULL 
)

get all assigned users to a given role public

Parameters
integerrole_id
arraycolumns to get form usr_data table (optional)
Returns
array all users (id) assigned to role OR arrays of user datas
Todo:
refactor rolf => (check result buffering)

Definition at line 912 of file class.ilRbacReview.php.

References $ilBench, $ilDB, $query, $res, and $row.

913  {
914  global $ilBench,$ilDB;
915 
916  $ilBench->start("RBAC", "review_assignedUsers");
917 
918  if (!isset($a_rol_id))
919  {
920  $message = get_class($this)."::assignedUsers(): No role_id given!";
921  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
922  }
923  if (! $a_fields AND isset(self::$assigned_users_cache[$a_rol_id])) {
924  return self::$assigned_users_cache[$a_rol_id];
925  }
926 
927  $result_arr = array();
928 
929  if ($a_fields !== NULL and is_array($a_fields))
930  {
931  if (count($a_fields) == 0)
932  {
933  $select = "*";
934  }
935  else
936  {
937  if (($usr_id_field = array_search("usr_id",$a_fields)) !== false)
938  unset($a_fields[$usr_id_field]);
939 
940  $select = implode(",",$a_fields).",usr_data.usr_id";
941  $select = addslashes($select);
942  }
943 
944  $ilDB->enableResultBuffering(false);
945  $query = "SELECT ".$select." FROM usr_data ".
946  "LEFT JOIN rbac_ua ON usr_data.usr_id = rbac_ua.usr_id ".
947  "WHERE rbac_ua.rol_id =".$ilDB->quote($a_rol_id,'integer');
948  $res = $ilDB->query($query);
949  while($row = $ilDB->fetchAssoc($res))
950  {
951  $result_arr[] = $row;
952  }
953  $ilDB->enableResultBuffering(true);
954  }
955  else
956  {
957  $ilDB->enableResultBuffering(false);
958  $query = "SELECT usr_id FROM rbac_ua WHERE rol_id= ".$ilDB->quote($a_rol_id,'integer');
959 
960  $res = $ilDB->query($query);
961  while($row = $ilDB->fetchAssoc($res))
962  {
963  array_push($result_arr,$row["usr_id"]);
964  }
965  $ilDB->enableResultBuffering(true);
966  }
967 
968  $ilBench->stop("RBAC", "review_assignedUsers");
969 
970  if (! $a_fields) {
971  self::$assigned_users_cache[$a_rol_id] = $result_arr;
972  }
973 
974  return $result_arr;
975  }
$ilBench
global $ilBench
Definition: ilias.php:18
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ clearCaches()

ilRbacReview::clearCaches ( )

Clear assigned users caches.

Definition at line 2401 of file class.ilRbacReview.php.

2402  {
2403  self::$is_assigned_cache = array();
2404  self::$assigned_users_cache = array();
2405  }

◆ getActiveOperationsOfRole()

ilRbacReview::getActiveOperationsOfRole (   $a_ref_id,
  $a_role_id 
)

Get active operations for a role.

Parameters
object$a_ref_id
object$a_role_id
Returns
Todo:
refactor rolf => DONE

Definition at line 1427 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_ASSOC.

1428  {
1429  global $ilDB;
1430 
1431  $query = 'SELECT * FROM rbac_pa '.
1432  'WHERE ref_id = '.$ilDB->quote($a_ref_id,'integer').' '.
1433  'AND rol_id = '.$ilDB->quote($a_role_id,'integer').' ';
1434 
1435  $res = $ilDB->query($query);
1436  while($row = $res->fetchRow(DB_FETCHMODE_ASSOC))
1437  {
1438  return unserialize($row['ops_id']);
1439  }
1440  return array();
1441  }
DB_FETCHMODE_ASSOC
const DB_FETCHMODE_ASSOC
Definition: class.ilDB.php:10
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAllOperationsOfRole()

ilRbacReview::getAllOperationsOfRole (   $a_rol_id,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public

Parameters
integerrole_id
integerrole folder id
Returns
array array of operation_id and types
Todo:
refactor rolf => DONE

Definition at line 1398 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

1399  {
1400  global $ilDB;
1401 
1402  if(!$a_parent)
1403  {
1404  $a_parent = ROLE_FOLDER_ID;
1405  }
1406 
1407  $query = "SELECT ops_id,type FROM rbac_templates ".
1408  "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
1409  "AND parent = ".$ilDB->quote($a_parent,'integer');
1410  $res = $ilDB->query($query);
1411 
1412  $ops_arr = array();
1413  while ($row = $ilDB->fetchObject($res))
1414  {
1415  $ops_arr[$row->type][] = $row->ops_id;
1416  }
1417  return (array) $ops_arr;
1418  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAssignableChildRoles()

ilRbacReview::getAssignableChildRoles (   $a_ref_id)

Get all assignable roles directly under a specific node public.

Parameters
ref_id
Returns
array set ids
Todo:
refactor rolf => Find a better name; reduce sql fields

Definition at line 789 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

790  {
791  global $ilDB;
792 
793  $query = "SELECT fa.*, rd.* ".
794  "FROM object_data rd ".
795  "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id ".
796  "WHERE fa.assign = 'y' ".
797  "AND fa.parent = ".$this->ilDB->quote($a_ref_id,'integer')." "
798  ;
799 
800  $res = $ilDB->query($query);
801  while($row = $ilDB->fetchAssoc($res))
802  {
803  $roles_data[] = $row;
804  }
805  return $roles_data ? $roles_data : array();
806  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAssignableRoles()

ilRbacReview::getAssignableRoles (   $a_templates = false,
  $a_internal_roles = false,
  $title_filter = '' 
)

Returns a list of all assignable roles public.

Parameters
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 716 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by getRolesByFilter().

717  {
718  global $ilDB;
719 
720  $role_list = array();
721 
722  $where = $this->__setTemplateFilter($a_templates);
723 
724  $query = "SELECT * FROM object_data ".
725  "JOIN rbac_fa ON obj_id = rol_id ".
726  $where.
727  "AND rbac_fa.assign = 'y' ";
728 
729  if(strlen($title_filter))
730  {
731  $query .= (' AND '.$ilDB->like(
732  'title',
733  'text',
734  $title_filter.'%'
735  ));
736  }
737  $res = $ilDB->query($query);
738 
739  while ($row = $ilDB->fetchAssoc($res))
740  {
741  $row["desc"] = $row["description"];
742  $row["user_id"] = $row["owner"];
743  $role_list[] = $row;
744  }
745 
746  $role_list = $this->__setRoleType($role_list);
747 
748  return $role_list;
749  }
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause private
Definition: class.ilRbacReview.php:815
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:843
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getAssignableRolesInSubtree()

ilRbacReview::getAssignableRolesInSubtree (   $ref_id)

Returns a list of assignable roles in a subtree of the repository public.

Parameters
ref_idRoot node of subtree
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 758 of file class.ilRbacReview.php.

References $GLOBALS, $ilDB, $query, $ref_id, $res, $row, and DB_FETCHMODE_OBJECT.

759  {
760  global $ilDB;
761 
762  $query = 'SELECT rol_id FROM rbac_fa fa '.
763  'JOIN tree t1 ON t1.child = fa.parent '.
764  'JOIN object_data obd ON fa.rol_id = obd.obj_id ' .
765  'WHERE assign = '.$ilDB->quote('y','text').' '.
766  'AND obd.type = '.$ilDB->quote('role','text').' '.
767  'AND t1.child IN ('.
768  $GLOBALS['tree']->getSubTreeQuery($ref_id,array('child')).' '.
769  ') ';
770 
771 
772  $res = $ilDB->query($query);
773 
774  $role_list = array();
775  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
776  {
777  $role_list[] = $row->rol_id;
778  }
779  return $role_list;
780  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$ref_id
$ref_id
Definition: sahs_server.php:39
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276

◆ getAssignedCacheEntry()

ilRbacReview::getAssignedCacheEntry (   $a_role_id,
  $a_user_id 
)

get entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id

Definition at line 2393 of file class.ilRbacReview.php.

2394  {
2395  return self::$is_assigned_cache[$a_role_id][$a_user_id];
2396  }

◆ getFoldersAssignedToRole()

ilRbacReview::getFoldersAssignedToRole (   $a_rol_id,
  $a_assignable = false 
)

Returns an array of objects assigned to a role.

A role with stopped inheritance may be assigned to more than one objects. To get only the original location of a role, set the second parameter to true

public

Parameters
integerrole id
booleanget only rolefolders where role is assignable (true)
Returns
array reference IDs of role folders
Todo:
refactor rolf => RENAME (rest done)

Definition at line 1140 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by isRoleDeleted().

1141  {
1142  global $ilDB;
1143 
1144  if (!isset($a_rol_id))
1145  {
1146  $message = get_class($this)."::getFoldersAssignedToRole(): No role_id given!";
1147  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1148  }
1149 
1150  if ($a_assignable)
1151  {
1152  $where = " AND assign ='y'";
1153  }
1154 
1155  $query = "SELECT DISTINCT parent FROM rbac_fa ".
1156  "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".$where." ";
1157 
1158  $res = $ilDB->query($query);
1159  while($row = $ilDB->fetchObject($res))
1160  {
1161  $folders[] = $row->parent;
1162  }
1163  return $folders ? $folders : array();
1164  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ getGlobalAssignableRoles()

ilRbacReview::getGlobalAssignableRoles ( )

get only 'global' roles (with flag 'assign_users') public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 1314 of file class.ilRbacReview.php.

References ilObjRole\_getAssignUsersStatus(), and getGlobalRoles().

1315  {
1316  include_once './Services/AccessControl/classes/class.ilObjRole.php';
1317 
1318  foreach($this->getGlobalRoles() as $role_id)
1319  {
1320  if(ilObjRole::_getAssignUsersStatus($role_id))
1321  {
1322  $ga[] = array('obj_id' => $role_id,
1323  'role_type' => 'global');
1324  }
1325  }
1326  return $ga ? $ga : array();
1327  }
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only &#39;global&#39; roles public
Definition: class.ilRbacReview.php:1252
ilObjRole\_getAssignUsersStatus
_getAssignUsersStatus($a_role_id)
Definition: class.ilObjRole.php:141
+ Here is the call graph for this function:

◆ getGlobalRoles()

ilRbacReview::getGlobalRoles ( )

get only 'global' roles public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 1252 of file class.ilRbacReview.php.

References getRolesOfRoleFolder().

Referenced by getGlobalAssignableRoles(), getRolesByFilter(), and isGlobalRole().

1253  {
1254  return $this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false);
1255  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:1213
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getGlobalRolesArray()

ilRbacReview::getGlobalRolesArray ( )

get only 'global' roles public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 1298 of file class.ilRbacReview.php.

References getRolesOfRoleFolder().

1299  {
1300  foreach($this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false) as $role_id)
1301  {
1302  $ga[] = array('obj_id' => $role_id,
1303  'role_type' => 'global');
1304  }
1305  return $ga ? $ga : array();
1306  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:1213
+ Here is the call graph for this function:

◆ getLocalPolicies()

ilRbacReview::getLocalPolicies (   $a_ref_id)

Get all roles with local policies.

Parameters
type$a_ref_id
Returns
type

Definition at line 1282 of file class.ilRbacReview.php.

References getRolesOfRoleFolder().

1283  {
1284  $lroles = array();
1285  foreach($this->getRolesOfRoleFolder($a_ref_id) as $role_id)
1286  {
1287  $lroles[] = $role_id;
1288  }
1289  return $lroles;
1290  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:1213
+ Here is the call graph for this function:

◆ getLocalRoles()

ilRbacReview::getLocalRoles (   $a_ref_id)

Get local roles of object.

Parameters
int$a_ref_id
Todo:
refactor rolf => DONE

Definition at line 1262 of file class.ilRbacReview.php.

References $ilDB, getRolesOfRoleFolder(), and isAssignable().

1263  {
1264  global $ilDB;
1265 
1266  $lroles = array();
1267  foreach($this->getRolesOfRoleFolder($a_ref_id) as $role_id)
1268  {
1269  if($this->isAssignable($role_id, $a_ref_id))
1270  {
1271  $lroles[] = $role_id;
1272  }
1273  }
1274  return $lroles;
1275  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:1213
ilRbacReview\isAssignable
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users public.
Definition: class.ilRbacReview.php:1085
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getNumberOfAssignedUsers()

ilRbacReview::getNumberOfAssignedUsers ( Array  $a_roles)

Get the number of assigned users to roles ilDB $ilDB.

Parameters
array$a_roles
Returns
int
Todo:
refactor rolf => DONE

Definition at line 891 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

892  {
893  global $ilDB;
894 
895  $query = 'SELECT COUNT(DISTINCT(usr_id)) as num FROM rbac_ua '.
896  'WHERE '.$ilDB->in('rol_id', $a_roles, false, 'integer').' ';
897 
898  $res = $ilDB->query($query);
899  $row = $res->fetchRow(DB_FETCHMODE_OBJECT);
900  return $row->num ? $row->num : 0;
901  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getObjectOfRole()

ilRbacReview::getObjectOfRole (   $a_role_id)

Get object id of objects a role is assigned to.

Todo:
refactor rolf (due to performance reasons the new version does not check for deleted roles only in object reference)

public

Parameters
introle id

Definition at line 2129 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by ilObjUserGUI\roleassignmentObject().

2130  {
2131  // internal cache
2132  static $obj_cache = array();
2133 
2134  global $ilDB;
2135 
2136 
2137  if(isset($obj_cache[$a_role_id]) and $obj_cache[$a_role_id])
2138  {
2139  return $obj_cache[$a_role_id];
2140  }
2141 
2142  $query = 'SELECT obr.obj_id FROM rbac_fa rfa '.
2143  'JOIN object_reference obr ON rfa.parent = obr.ref_id '.
2144  'WHERE assign = '.$ilDB->quote('y','text'). ' '.
2145  'AND rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
2146  'AND deleted IS NULL';
2147 
2148  #$query = "SELECT obr.obj_id FROM rbac_fa rfa ".
2149  # "JOIN tree ON rfa.parent = tree.child ".
2150  # "JOIN object_reference obr ON tree.parent = obr.ref_id ".
2151  # "WHERE tree.tree = 1 ".
2152  # "AND assign = 'y' ".
2153  # "AND rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
2154  $res = $ilDB->query($query);
2155 
2156  $obj_cache[$a_role_id] = 0;
2157  while($row = $ilDB->fetchObject($res))
2158  {
2159  $obj_cache[$a_role_id] = $row->obj_id;
2160  }
2161  return $obj_cache[$a_role_id];
2162  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ getObjectReferenceOfRole()

ilRbacReview::getObjectReferenceOfRole (   $a_role_id)

Get reference of role.

Parameters
object$a_role_id
Returns
int
Todo:
refactor rolf (no deleted check)

Definition at line 2170 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

2171  {
2172  global $ilDB;
2173 
2174  $query = 'SELECT parent p_ref FROM rbac_fa '.
2175  'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
2176  'AND assign = '.$ilDB->quote('y','text');
2177 
2178  $res = $ilDB->query($query);
2179  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
2180  {
2181  return $row->p_ref;
2182  }
2183  return 0;
2184  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getObjectsWithStopedInheritance()

ilRbacReview::getObjectsWithStopedInheritance (   $a_rol_id,
  $a_filter = array() 
)

get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder.

public

Parameters
integerrole_id
arrayfilter ref_ids
Returns
array with ref_ids of objects
Todo:
refactor rolf => DONE

Definition at line 1617 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

1618  {
1619  global $ilDB;
1620 
1621  #$query = 'SELECT t.parent p FROM tree t JOIN rbac_fa fa ON fa.parent = child '.
1622  # 'WHERE assign = '.$ilDB->quote('n','text').' '.
1623  # 'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1624 
1625  $query = 'SELECT parent p FROM rbac_fa '.
1626  'WHERE assign = '.$ilDB->quote('n','text').' '.
1627  'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1628 
1629  if($a_filter)
1630  {
1631  $query .= ('AND '.$ilDB->in('parent',(array) $a_filter,false,'integer'));
1632  }
1633 
1634  $res = $ilDB->query($query);
1635  $parent = array();
1636  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1637  {
1638  $parent[] = $row->p;
1639  }
1640  return $parent;
1641  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperation()

ilRbacReview::getOperation (   $ops_id)

get one operation by operation id public

Returns
array data of operation_id
Todo:
refactor rolf => DONE

Definition at line 1373 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and ilDB\query().

1374  {
1375  global $ilDB;
1376 
1377  $query = 'SELECT * FROM rbac_operations WHERE ops_id = '.$ilDB->quote($ops_id,'integer');
1378  $res = $this->ilDB->query($query);
1379  while($row = $ilDB->fetchObject($res))
1380  {
1381  $ops = array('ops_id' => $row->ops_id,
1382  'operation' => $row->operation,
1383  'description' => $row->description);
1384  }
1385 
1386  return $ops ? $ops : array();
1387  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1450
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getOperationAssignment()

ilRbacReview::getOperationAssignment ( )

get operation assignments

Returns
array array(array('typ_id' => $typ_id,'title' => $title,'ops_id => '$ops_is,'operation' => $operation),...
Todo:
refactor rolf => DONE

Definition at line 2250 of file class.ilRbacReview.php.

References $ilDB, $info, $query, $res, and $row.

2251  {
2252  global $ilDB;
2253 
2254  $query = 'SELECT ta.typ_id, obj.title, ops.ops_id, ops.operation FROM rbac_ta ta '.
2255  'JOIN object_data obj ON obj.obj_id = ta.typ_id '.
2256  'JOIN rbac_operations ops ON ops.ops_id = ta.ops_id ';
2257  $res = $ilDB->query($query);
2258 
2259  $counter = 0;
2260  while($row = $ilDB->fetchObject($res))
2261  {
2262  $info[$counter]['typ_id'] = $row->typ_id;
2263  $info[$counter]['type'] = $row->title;
2264  $info[$counter]['ops_id'] = $row->ops_id;
2265  $info[$counter]['operation'] = $row->operation;
2266  $counter++;
2267  }
2268  return $info ? $info : array();
2269 
2270  }
$info
$info
Definition: example_052.php:80
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperations()

ilRbacReview::getOperations ( )

get all possible operations public

Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 1351 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and ilDB\query().

1352  {
1353  global $ilDB;
1354 
1355  $query = 'SELECT * FROM rbac_operations ORDER BY ops_id ';
1356  $res = $this->ilDB->query($query);
1357  while($row = $ilDB->fetchObject($res))
1358  {
1359  $ops[] = array('ops_id' => $row->ops_id,
1360  'operation' => $row->operation,
1361  'description' => $row->description);
1362  }
1363 
1364  return $ops ? $ops : array();
1365  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1450
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getOperationsByTypeAndClass()

ilRbacReview::getOperationsByTypeAndClass (   $a_type,
  $a_class 
)

Get operations by type and class.

Parameters
string$a_typeType is "object" or
string$a_class
Returns
Todo:
refactor rolf => DONE

Definition at line 1576 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

1577  {
1578  global $ilDB;
1579 
1580  if($a_class != 'create')
1581  {
1582  $condition = "AND class != ".$ilDB->quote('create','text');
1583  }
1584  else
1585  {
1586  $condition = "AND class = ".$ilDB->quote('create','text');
1587  }
1588 
1589  $query = "SELECT ro.ops_id FROM rbac_operations ro ".
1590  "JOIN rbac_ta rt ON ro.ops_id = rt.ops_id ".
1591  "JOIN object_data od ON rt.typ_id = od.obj_id ".
1592  "WHERE type = ".$ilDB->quote('typ','text')." ".
1593  "AND title = ".$ilDB->quote($a_type,'text')." ".
1594  $condition." ".
1595  "ORDER BY op_order ";
1596 
1597  $res = $ilDB->query($query);
1598 
1599  $ops = array();
1600  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1601  {
1602  $ops[] = $row->ops_id;
1603  }
1604  return $ops;
1605  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperationsOfRole()

ilRbacReview::getOperationsOfRole (   $a_rol_id,
  $a_type,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public

Parameters
integerrole_id
stringobject type
integerrole folder id
Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 1454 of file class.ilRbacReview.php.

References $ilDB, $ilLog, $query, $res, and $row.

1455  {
1456  global $ilDB,$ilLog;
1457 
1458  if (!isset($a_rol_id) or !isset($a_type))
1459  {
1460  $message = get_class($this)."::getOperationsOfRole(): Missing Parameter!".
1461  "role_id: ".$a_rol_id.
1462  "type: ".$a_type.
1463  "parent_id: ".$a_parent;
1464  $ilLog->logStack("Missing parameter! ");
1465  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1466  }
1467 
1468  $ops_arr = array();
1469 
1470  // if no rolefolder id is given, assume global role folder as target
1471  if ($a_parent == 0)
1472  {
1473  $a_parent = ROLE_FOLDER_ID;
1474  }
1475 
1476  $query = "SELECT ops_id FROM rbac_templates ".
1477  "WHERE type =".$ilDB->quote($a_type,'text')." ".
1478  "AND rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
1479  "AND parent = ".$ilDB->quote($a_parent,'integer');
1480  $res = $ilDB->query($query);
1481  while ($row = $ilDB->fetchObject($res))
1482  {
1483  $ops_arr[] = $row->ops_id;
1484  }
1485 
1486  return $ops_arr;
1487  }
$ilLog
$ilLog
Definition: inc.setup_header.php:136
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperationsOnType()

ilRbacReview::getOperationsOnType (   $a_typ_id)

all possible operations of a type public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 1520 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by getOperationsOnTypeString().

1521  {
1522  global $ilDB;
1523 
1524  if (!isset($a_typ_id))
1525  {
1526  $message = get_class($this)."::getOperationsOnType(): No type_id given!";
1527  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1528  }
1529 
1530  #$query = "SELECT * FROM rbac_ta WHERE typ_id = ".$ilDB->quote($a_typ_id,'integer');
1531 
1532  $query = 'SELECT * FROM rbac_ta ta JOIN rbac_operations o ON ta.ops_id = o.ops_id '.
1533  'WHERE typ_id = '.$ilDB->quote($a_typ_id,'integer').' '.
1534  'ORDER BY op_order';
1535 
1536  $res = $ilDB->query($query);
1537 
1538  while($row = $ilDB->fetchObject($res))
1539  {
1540  $ops_id[] = $row->ops_id;
1541  }
1542 
1543  return $ops_id ? $ops_id : array();
1544  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ getOperationsOnTypeString()

ilRbacReview::getOperationsOnTypeString (   $a_type)

all possible operations of a type public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 1554 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, DB_FETCHMODE_OBJECT, getOperationsOnType(), and ilDB\query().

1555  {
1556  global $ilDB;
1557 
1558  $query = "SELECT * FROM object_data WHERE type = 'typ' AND title = ".$ilDB->quote($a_type ,'text')." ";
1559 
1560 
1561  $res = $this->ilDB->query($query);
1562  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1563  {
1564  return $this->getOperationsOnType($row->obj_id);
1565  }
1566  return false;
1567  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1450
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\getOperationsOnType
getOperationsOnType($a_typ_id)
all possible operations of a type public
Definition: class.ilRbacReview.php:1520
+ Here is the call graph for this function:

◆ getParentRoleIds()

ilRbacReview::getParentRoleIds (   $a_endnode_id,
  $a_templates = false 
)

get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates public

Parameters
integerref_id of an object which is end node
booleantrue for role templates (default: false)
Returns
array array(role_ids => role_data)
Todo:
refactor rolf => DONE

Definition at line 643 of file class.ilRbacReview.php.

References $GLOBALS, and __getParentRoles().

644  {
645  global $tree;
646 
647  if (!isset($a_endnode_id))
648  {
649  $GLOBALS['ilLog']->logStack();
650  $message = get_class($this)."::getParentRoleIds(): No node_id (ref_id) given!";
651  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
652  }
653 
654  //var_dump($a_endnode_id);exit;
655  //$log->write("ilRBACreview::getParentRoleIds(), 0");
656  $pathIds = $tree->getPathId($a_endnode_id);
657 
658  // add system folder since it may not in the path
659  //$pathIds[0] = SYSTEM_FOLDER_ID;
660  $pathIds[0] = ROLE_FOLDER_ID;
661  //$log->write("ilRBACreview::getParentRoleIds(), 1");
662  #return $this->getParentRoles($a_endnode_id,$a_templates,$a_keep_protected);
663  return $this->__getParentRoles($pathIds,$a_templates);
664  }
ilRbacReview\__getParentRoles
__getParentRoles($a_path, $a_templates)
Note: This function performs faster than the new getParentRoles function, because it uses database in...
Definition: class.ilRbacReview.php:605
$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276
+ Here is the call graph for this function:

◆ getRoleFolderOfRole()

ilRbacReview::getRoleFolderOfRole (   $a_role_id)

Get role folder of role ilDB $ilDB.

Parameters
int$a_role_id
Returns
int
Todo:
refactor rolf => RENAME

Definition at line 2316 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, ilObject\_lookupType(), and DB_FETCHMODE_OBJECT.

2317  {
2318  global $ilDB;
2319 
2320  if(ilObject::_lookupType($a_role_id) == 'role')
2321  {
2322  $and = ('AND assign = '.$ilDB->quote('y','text'));
2323  }
2324  else
2325  {
2326  $and = '';
2327  }
2328 
2329  $query = 'SELECT * FROM rbac_fa '.
2330  'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
2331  $and;
2332  $res = $ilDB->query($query);
2333  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
2334  {
2335  return $row->parent;
2336  }
2337  return 0;
2338  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1196
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getRoleListByObject()

ilRbacReview::getRoleListByObject (   $a_ref_id,
  $a_templates = false 
)

Returns a list of roles in an container public.

Parameters
integerref_id of object
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 674 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by __getParentRoles().

675  {
676  global $ilDB;
677 
678  if (!isset($a_ref_id) or !isset($a_templates))
679  {
680  $message = get_class($this)."::getRoleListByObject(): Missing parameter!".
681  "ref_id: ".$a_ref_id.
682  "tpl_flag: ".$a_templates;
683  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
684  }
685 
686  $role_list = array();
687 
688  $where = $this->__setTemplateFilter($a_templates);
689 
690  $query = "SELECT * FROM object_data ".
691  "JOIN rbac_fa ON obj_id = rol_id ".
692  $where.
693  "AND object_data.obj_id = rbac_fa.rol_id ".
694  "AND rbac_fa.parent = ".$ilDB->quote($a_ref_id,'integer')." ";
695 
696  $res = $ilDB->query($query);
697  while ($row = $ilDB->fetchAssoc($res))
698  {
699  $row["desc"] = $row["description"];
700  $row["user_id"] = $row["owner"];
701  $role_list[] = $row;
702  }
703 
704  $role_list = $this->__setRoleType($role_list);
705 
706  return $role_list;
707  }
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause private
Definition: class.ilRbacReview.php:815
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:843
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getRoleMailboxAddress()

ilRbacReview::getRoleMailboxAddress (   $a_role_id,
  $is_localize = true 
)

Returns the mailbox address of a role.

Example 1: Mailbox address for an ILIAS reserved role name

The il_crs_member_345 role of the course object "English Course 1" is returned as one of the following mailbox addresses:

a) Course Member <#member@[English Course 1]> b) Course Member <#il_crs_member_345@[English Course 1]> c) Course Member <#il_crs_member_345>

Address a) is returned, if the title of the object is unique, and if there is only one local role with the substring "member" defined for the object.

Address b) is returned, if the title of the object is unique, but there is more than one local role with the substring "member" in its title.

Address c) is returned, if the title of the course object is not unique.

Example 2: Mailbox address for a manually defined role name

The "Admin" role of the category object "Courses" is returned as one of the following mailbox addresses:

a) Course Administrator <#Admin> b) Course Administrator <#Admin> c) Course Adminstrator <#il_role_34211> 

Address a) is returned, if the title of the object is unique, and
if there is only one local role with the substring "Admin" defined for
the course object.

Address b) is returned, if the title of the object is not unique, but

the role title is unique.

Address c) is returned, if neither the role title nor the title of the course object is unique.

Example 3: Mailbox address for a manually defined role title that can
       contains special characters in the local-part of a 
       mailbox address

The "Author Courses" role of the category object "Courses" is returned as one of the following mailbox addresses:

a) "#Author Courses" b) Author Courses <#il_role_34234> 

Address a) is returned, if the title of the role is unique.

Address b) is returned, if neither the role title nor the title of the course object is unique, or if the role title contains a quote or a backslash.

@param int a role id
@param boolean is_localize whether mailbox addresses should be localized
@return     String mailbox address or null, if role does not exist.
Todo:
refactor rolf

Definition at line 336 of file class.ilRbacReview.php.

References $ilDB, $lng, $log, $query, $r, $row, ilObject\_getIdsForTitle(), DB_FETCHMODE_OBJECT, if, ilMail\ILIAS_HOST, and ilDB\query().

337  {
338  global $log, $lng,$ilDB;
339 
340  include_once "Services/Mail/classes/class.ilMail.php";
341  if (ilMail::_usePearMail())
342  {
343  // Retrieve the role title and the object title.
344  $query = "SELECT rdat.title role_title,odat.title object_title, ".
345  " oref.ref_id object_ref ".
346  "FROM object_data rdat ".
347  "JOIN rbac_fa fa ON fa.rol_id = rdat.obj_id ".
348  "JOIN tree rtree ON rtree.child = fa.parent ".
349  "JOIN object_reference oref ON oref.ref_id = rtree.child ".
350  "JOIN object_data odat ON odat.obj_id = oref.obj_id ".
351  "WHERE rdat.obj_id = ".$this->ilDB->quote($a_role_id,'integer')." ".
352  "AND fa.assign = 'y' ";
353  $r = $ilDB->query($query);
354  if (!$row = $ilDB->fetchObject($r))
355  {
356  //$log->write('class.ilRbacReview->getMailboxAddress('.$a_role_id.'): error role does not exist');
357  return null; // role does not exist
358  }
359  $object_title = $row->object_title;
360  $object_ref = $row->object_ref;
361  $role_title = $row->role_title;
362 
363 
364  // In a perfect world, we could use the object_title in the
365  // domain part of the mailbox address, and the role title
366  // with prefix '#' in the local part of the mailbox address.
367  $domain = $object_title;
368  $local_part = $role_title;
369 
370 
371  // Determine if the object title is unique
372  $q = "SELECT COUNT(DISTINCT dat.obj_id) count ".
373  "FROM object_data dat ".
374  "JOIN object_reference ref ON ref.obj_id = dat.obj_id ".
375  "JOIN tree ON tree.child = ref.ref_id ".
376  "WHERE title = ".$this->ilDB->quote($object_title,'text')." ".
377  "AND tree.tree = 1 ";
378  $r = $this->ilDB->query($q);
379  $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
380 
381  // If the object title is not unique, we get rid of the domain.
382  if ($row->count > 1)
383  {
384  $domain = null;
385  }
386 
387  // If the domain contains illegal characters, we get rid of it.
388  //if (domain != null && preg_match('/[\[\]\\]|[\x00-\x1f]/',$domain))
389  // Fix for Mantis Bug: 7429 sending mail fails because of brakets
390  // Fix for Mantis Bug: 9978 sending mail fails because of semicolon
391  if ($domain != null && preg_match('/[\[\]\\]|[\x00-\x1f]|[\x28-\x29]|[;]/',$domain))
392  {
393  $domain = null;
394  }
395 
396  // If the domain contains special characters, we put square
397  // brackets around it.
398  if ($domain != null &&
399  (preg_match('/[()<>@,;:\\".\[\]]/',$domain) ||
400  preg_match('/[^\x21-\x8f]/',$domain))
401  )
402  {
403  $domain = '['.$domain.']';
404  }
405 
406  // If the role title is one of the ILIAS reserved role titles,
407  // we can use a shorthand version of it for the local part
408  // of the mailbox address.
409  if (strpos($role_title, 'il_') === 0 && $domain != null)
410  {
411  $unambiguous_role_title = $role_title;
412 
413  $pos = strpos($role_title, '_', 3) + 1;
414  $local_part = substr(
415  $role_title,
416  $pos,
417  strrpos($role_title, '_') - $pos
418  );
419  }
420  else
421  {
422  $unambiguous_role_title = 'il_role_'.$a_role_id;
423  }
424 
425  // Determine if the local part is unique. If we don't have a
426  // domain, the local part must be unique within the whole repositry.
427  // If we do have a domain, the local part must be unique for that
428  // domain.
429  if ($domain == null)
430  {
431  $q = "SELECT COUNT(DISTINCT dat.obj_id) count ".
432  "FROM object_data dat ".
433  "JOIN object_reference ref ON ref.obj_id = dat.obj_id ".
434  "JOIN tree ON tree.child = ref.ref_id ".
435  "WHERE title = ".$this->ilDB->quote($local_part,'text')." ".
436  "AND tree.tree = 1 ";
437  }
438  else
439  {
440  $q = "SELECT COUNT(rd.obj_id) count ".
441  "FROM object_data rd ".
442  "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id ".
443  "JOIN tree t ON t.child = fa.parent ".
444  "WHERE fa.assign = 'y' ".
445  "AND t.child = ".$this->ilDB->quote($object_ref,'integer')." ".
446  "AND rd.title LIKE ".$this->ilDB->quote(
447  '%'.preg_replace('/([_%])/','\\\\$1', $local_part).'%','text')." ";
448  }
449 
450  $r = $this->ilDB->query($q);
451  $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
452 
453  // if the local_part is not unique, we use the unambiguous role title
454  // instead for the local part of the mailbox address
455  if ($row->count > 1)
456  {
457  $local_part = $unambiguous_role_title;
458  }
459 
460  $use_phrase = true;
461 
462  // If the local part contains illegal characters, we use
463  // the unambiguous role title instead.
464  if (preg_match('/[\\"\x00-\x1f]/',$local_part))
465  {
466  $local_part = $unambiguous_role_title;
467  }
468  else if(!preg_match('/^[\\x00-\\x7E]+$/i', $local_part))
469  {
470  // 2013-12-05: According to #12283, we do not accept umlauts in the local part
471  $local_part = $unambiguous_role_title;
472  $use_phrase = false;
473  }
474 
475  // Add a "#" prefix to the local part
476  $local_part = '#'.$local_part;
477 
478  // Put quotes around the role title, if needed
479  if (preg_match('/[()<>@,;:.\[\]\x20]/',$local_part))
480  {
481  $local_part = '"'.$local_part.'"';
482  }
483 
484  $mailbox = ($domain == null) ?
485  $local_part :
486  $local_part.'@'.$domain;
487 
488  if ($is_localize)
489  {
490  if (substr($role_title,0,3) == 'il_')
491  {
492  $phrase = $lng->txt(substr($role_title, 0, strrpos($role_title,'_')));
493  }
494  else
495  {
496  $phrase = $role_title;
497  }
498 
499  if($use_phrase)
500  {
501  // make phrase RFC 822 conformant:
502  // - strip excessive whitespace
503  // - strip special characters
504  $phrase = preg_replace('/\s\s+/', ' ', $phrase);
505  $phrase = preg_replace('/[()<>@,;:\\".\[\]]/', '', $phrase);
506 
507  $mailbox = $phrase.' <'.$mailbox.'>';
508  }
509  }
510 
511  require_once './Services/PEAR/lib/Mail/RFC822.php';
512  $obj = new Mail_RFC822($mailbox, ilMail::ILIAS_HOST);
513  if(@$obj->parseAddressList() instanceof PEAR_Error)
514  {
515  $q = "SELECT title ".
516  "FROM object_data ".
517  "WHERE obj_id = ".$this->ilDB->quote($a_role_id ,'integer');
518  $r = $this->ilDB->query($q);
519 
520  if ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
521  {
522  return '#'.$row->title;
523  }
524  else
525  {
526  return null;
527  }
528  }
529 
530  return $mailbox;
531  }
532  else
533  {
534  $q = "SELECT title ".
535  "FROM object_data ".
536  "WHERE obj_id = ".$this->ilDB->quote($a_role_id ,'integer');
537  $r = $this->ilDB->query($q);
538 
539  if($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
540  {
541  $ids_for_role_title = ilObject::_getIdsForTitle($row->title, 'role');
542  if(count($ids_for_role_title) > 1)
543  {
544  return '#il_role_' . $a_role_id;
545  }
546  else
547  {
548  return '#' . $row->title;
549  }
550  }
551  else
552  {
553  return null;
554  }
555  }
556  }
ilMail\ILIAS_HOST
const ILIAS_HOST
Definition: class.ilMail.php:213
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1450
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$r
$r
Definition: example_031.php:79
PEAR_Error
Definition: PEAR.php:826
Mail_RFC822
Definition: RFC822.php:70
if
if(!file_exists(getcwd().'/ilias.ini.php')) if(isset( $_GET["client_id"]))
registration confirmation script for ilias
Definition: confirmReg.php:20
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$lng
global $lng
Definition: privfeed.php:40
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilObject\_getIdsForTitle
static _getIdsForTitle($title, $type='', $partialmatch=false)
Definition: class.ilObject.php:966
+ Here is the call graph for this function:

◆ getRoleOperationsOnObject()

ilRbacReview::getRoleOperationsOnObject (   $a_role_id,
  $a_ref_id 
)

ilDB $ilDB

Parameters
type$a_role_id
type$a_ref_id
Returns
type
Todo:
rafactor rolf => DONE

Definition at line 1496 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

1497  {
1498  global $ilDB;
1499 
1500  $query = "SELECT * FROM rbac_pa ".
1501  "WHERE rol_id = ".$ilDB->quote($a_role_id,'integer')." ".
1502  "AND ref_id = ".$ilDB->quote($a_ref_id,'integer')." ";
1503 
1504  $res = $ilDB->query($query);
1505  while($row = $ilDB->fetchObject($res))
1506  {
1507  $ops = unserialize($row->ops_id);
1508  }
1509 
1510  return $ops ? $ops : array();
1511  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getRolesByFilter()

ilRbacReview::getRolesByFilter (   $a_filter = 0,
  $a_user_id = 0,
  $title_filter = '' 
)

ilDB $ilDB

Parameters
type$a_filter
type$a_user_id
type$title_filter
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1698 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, __setRoleType(), assignedRoles(), getAssignableRoles(), and getGlobalRoles().

1699  {
1700  global $ilDB;
1701 
1702  $assign = "y";
1703 
1704  switch($a_filter)
1705  {
1706  // all (assignable) roles
1707  case self::FILTER_ALL:
1708  return $this->getAssignableRoles(true,true,$title_filter);
1709  break;
1710 
1711  // all (assignable) global roles
1712  case self::FILTER_ALL_GLOBAL:
1713  $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->getGlobalRoles(),false,'integer').' ';
1714  break;
1715 
1716  // all (assignable) local roles
1717  case self::FILTER_ALL_LOCAL:
1718  case self::FILTER_INTERNAL:
1719  case self::FILTER_NOT_INTERNAL:
1720  $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->getGlobalRoles(),true,'integer');
1721  break;
1722 
1723  // all role templates
1724  case self::FILTER_TEMPLATES:
1725  $where = "WHERE object_data.type = 'rolt'";
1726  $assign = "n";
1727  break;
1728 
1729  // only assigned roles, handled by ilObjUserGUI::roleassignmentObject()
1730  case 0:
1731  default:
1732  if(!$a_user_id)
1733  return array();
1734 
1735  $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->assignedRoles($a_user_id),false,'integer').' ';
1736  break;
1737  }
1738 
1739  $roles = array();
1740 
1741  $query = "SELECT * FROM object_data ".
1742  "JOIN rbac_fa ON obj_id = rol_id ".
1743  $where.
1744  "AND rbac_fa.assign = ".$ilDB->quote($assign,'text')." ";
1745 
1746  if(strlen($title_filter))
1747  {
1748  $query .= (' AND '.$ilDB->like(
1749  'title',
1750  'text',
1751  '%'.$title_filter.'%'
1752  ));
1753  }
1754 
1755  $res = $ilDB->query($query);
1756  while($row = $ilDB->fetchAssoc($res))
1757  {
1758  $prefix = (substr($row["title"],0,3) == "il_") ? true : false;
1759 
1760  // all (assignable) internal local roles only
1761  if ($a_filter == 4 and !$prefix)
1762  {
1763  continue;
1764  }
1765 
1766  // all (assignable) non internal local roles only
1767  if ($a_filter == 5 and $prefix)
1768  {
1769  continue;
1770  }
1771 
1772  $row["desc"] = $row["description"];
1773  $row["user_id"] = $row["owner"];
1774  $roles[] = $row;
1775  }
1776 
1777  $roles = $this->__setRoleType($roles);
1778 
1779  return $roles ? $roles : array();
1780  }
ilRbacReview\getAssignableRoles
getAssignableRoles($a_templates=false, $a_internal_roles=false, $title_filter='')
Returns a list of all assignable roles public.
Definition: class.ilRbacReview.php:716
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only &#39;global&#39; roles public
Definition: class.ilRbacReview.php:1252
ilRbacReview\assignedRoles
assignedRoles($a_usr_id)
get all assigned roles to a given user public
Definition: class.ilRbacReview.php:1038
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:843
+ Here is the call graph for this function:

◆ getRolesForIDs()

ilRbacReview::getRolesForIDs (   $role_ids,
  $use_templates 
)

ilDB $ilDB

Parameters
type$role_ids
type$use_templates
Returns
type
Todo:
refactor rolf => DONE

Definition at line 2219 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

2220  {
2221  global $ilDB;
2222 
2223  $role_list = array();
2224 
2225  $where = $this->__setTemplateFilter($use_templates);
2226 
2227  $query = "SELECT * FROM object_data ".
2228  "JOIN rbac_fa ON object_data.obj_id = rbac_fa.rol_id ".
2229  $where.
2230  "AND rbac_fa.assign = 'y' " .
2231  'AND '.$ilDB->in('object_data.obj_id',$role_ids,false,'integer');
2232 
2233  $res = $ilDB->query($query);
2234  while($row = $ilDB->fetchAssoc($res))
2235  {
2236  $row["desc"] = $row["description"];
2237  $row["user_id"] = $row["owner"];
2238  $role_list[] = $row;
2239  }
2240 
2241  $role_list = $this->__setRoleType($role_list);
2242  return $role_list;
2243  }
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause private
Definition: class.ilRbacReview.php:815
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:843
+ Here is the call graph for this function:

◆ getRolesOfObject()

ilRbacReview::getRolesOfObject (   $a_ref_id,
  $a_assignable_only = FALSE 
)

Get roles of object.

Parameters
type$a_ref_id
type$a_assignable
Exceptions
InvalidArgumentException
Todo:
refactor rolf => DONE

Definition at line 1173 of file class.ilRbacReview.php.

References $GLOBALS, $ilDB, $query, $res, and $row.

1174  {
1175  global $ilDB;
1176 
1177  if(!isset($a_ref_id))
1178  {
1179  $GLOBALS['ilLog']->logStack();
1180  throw new InvalidArgumentException(__METHOD__.': No ref_id given!');
1181  }
1182  if($a_assignable_only === TRUE)
1183  {
1184  $and = 'AND assign = '.$ilDB->quote('y','text');
1185  }
1186  $query = "SELECT rol_id FROM rbac_fa ".
1187  "WHERE parent = ".$ilDB->quote($a_ref_id,'integer')." ".
1188  $and;
1189 
1190  $res = $ilDB->query($query);
1191 
1192  $role_ids = array();
1193  while($row = $ilDB->fetchObject($res))
1194  {
1195  $role_ids[] = $row->rol_id;
1196  }
1197  return $role_ids;
1198  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276

◆ getRolesOfRoleFolder()

ilRbacReview::getRolesOfRoleFolder (   $a_ref_id,
  $a_nonassignable = true 
)

get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids public

Parameters
integerref_id of object
booleanif false only get true local roles
Returns
array Array with rol_ids
Deprecated:
since version 4.5.0
Todo:
refactor rolf => RENAME

Definition at line 1213 of file class.ilRbacReview.php.

References $ilBench, $ilDB, $ilLog, $query, $res, and $row.

Referenced by getGlobalRoles(), getGlobalRolesArray(), getLocalPolicies(), and getLocalRoles().

1214  {
1215  global $ilBench,$ilDB,$ilLog;
1216 
1217  $ilBench->start("RBAC", "review_getRolesOfRoleFolder");
1218 
1219  if (!isset($a_ref_id))
1220  {
1221  $message = get_class($this)."::getRolesOfRoleFolder(): No ref_id given!";
1222  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1223 
1224  }
1225 
1226  if ($a_nonassignable === false)
1227  {
1228  $and = " AND assign='y'";
1229  }
1230 
1231  $query = "SELECT rol_id FROM rbac_fa ".
1232  "WHERE parent = ".$ilDB->quote($a_ref_id,'integer')." ".
1233  $and;
1234 
1235  $res = $ilDB->query($query);
1236  while($row = $ilDB->fetchObject($res))
1237  {
1238  $rol_id[] = $row->rol_id;
1239  }
1240 
1241  $ilBench->stop("RBAC", "review_getRolesOfRoleFolder");
1242 
1243  return $rol_id ? $rol_id : array();
1244  }
$ilLog
$ilLog
Definition: inc.setup_header.php:136
$ilBench
global $ilBench
Definition: ilias.php:18
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ getTypeId()

ilRbacReview::getTypeId (   $a_type)

Get type id of object ilDB $ilDB.

Parameters
type$a_type
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1789 of file class.ilRbacReview.php.

References $ilDB, $r, $row, and DB_FETCHMODE_OBJECT.

1790  {
1791  global $ilDB;
1792 
1793  $q = "SELECT obj_id FROM object_data ".
1794  "WHERE title=".$ilDB->quote($a_type ,'text')." AND type='typ'";
1795  $r = $ilDB->query($q);
1796 
1797  $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
1798  return $row->obj_id;
1799  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$r
$r
Definition: example_031.php:79
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getUserPermissionsOnObject()

ilRbacReview::getUserPermissionsOnObject (   $a_user_id,
  $a_ref_id 
)

Get all user permissions on an object.

Parameters
int$a_user_iduser id
int$a_ref_idref id
Todo:
refactor rolf => DONE

Definition at line 2347 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

2348  {
2349  global $ilDB;
2350 
2351  $query = "SELECT ops_id FROM rbac_pa JOIN rbac_ua ".
2352  "ON (rbac_pa.rol_id = rbac_ua.rol_id) ".
2353  "WHERE rbac_ua.usr_id = ".$ilDB->quote($a_user_id,'integer')." ".
2354  "AND rbac_pa.ref_id = ".$ilDB->quote($a_ref_id,'integer')." ";
2355 
2356  $res = $ilDB->query($query);
2357  $all_ops = array();
2358  while ($row = $ilDB->fetchObject($res))
2359  {
2360  $ops = unserialize($row->ops_id);
2361  $all_ops = array_merge($all_ops, $ops);
2362  }
2363  $all_ops = array_unique($all_ops);
2364 
2365  $set = $ilDB->query("SELECT operation FROM rbac_operations ".
2366  " WHERE ".$ilDB->in("ops_id", $all_ops, false, "integer"));
2367  $perms = array();
2368  while ($rec = $ilDB->fetchAssoc($set))
2369  {
2370  $perms[] = $rec["operation"];
2371  }
2372 
2373  return $perms;
2374  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ hasMultipleAssignments()

ilRbacReview::hasMultipleAssignments (   $a_role_id)

Temporary bugfix.

Todo:
refactor rolf => DONE

Definition at line 1119 of file class.ilRbacReview.php.

References $ilDB, $query, and $res.

1120  {
1121  global $ilDB;
1122 
1123  $query = "SELECT * FROM rbac_fa WHERE rol_id = ".$ilDB->quote($a_role_id,'integer').' '.
1124  "AND assign = ".$ilDB->quote('y','text');
1125  $res = $ilDB->query($query);
1126  return $res->numRows() > 1;
1127  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isAssignable()

ilRbacReview::isAssignable (   $a_rol_id,
  $a_ref_id 
)

Check if its possible to assign users public.

Parameters
integerobject id of role
integerref_id of object in question
Returns
boolean
Todo:
refactor rolf (expects object reference id instead of rolf) => DONE

Definition at line 1085 of file class.ilRbacReview.php.

References $ilBench, $ilDB, $query, $res, and $row.

Referenced by getLocalRoles(), and isDeleteable().

1086  {
1087  global $ilBench,$ilDB;
1088 
1089  $ilBench->start("RBAC", "review_isAssignable");
1090 
1091  // exclude system role from rbac
1092  if ($a_rol_id == SYSTEM_ROLE_ID)
1093  {
1094  $ilBench->stop("RBAC", "review_isAssignable");
1095  return true;
1096  }
1097 
1098  if (!isset($a_rol_id) or !isset($a_ref_id))
1099  {
1100  $message = get_class($this)."::isAssignable(): Missing parameter!".
1101  " role_id: ".$a_rol_id." ,ref_id: ".$a_ref_id;
1102  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1103  }
1104  $query = "SELECT * FROM rbac_fa ".
1105  "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
1106  "AND parent = ".$ilDB->quote($a_ref_id,'integer')." ";
1107  $res = $ilDB->query($query);
1108  $row = $ilDB->fetchObject($res);
1109 
1110  $ilBench->stop("RBAC", "review_isAssignable");
1111  return $row->assign == 'y' ? true : false;
1112  }
$ilBench
global $ilBench
Definition: ilias.php:18
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ isAssigned()

ilRbacReview::isAssigned (   $a_usr_id,
  $a_role_id 
)

check if a specific user is assigned to specific role public

Parameters
integerusr_id
integerrole_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 986 of file class.ilRbacReview.php.

References $ilDB, $query, and $res.

987  {
988  if(isset(self::$is_assigned_cache[$a_role_id][$a_usr_id])) {
989  return self::$is_assigned_cache[$a_role_id][$a_usr_id];
990  }
991  // Quickly determine if user is assigned to a role
992  global $ilDB;
993 
994  $ilDB->setLimit(1,0);
995  $query = "SELECT usr_id FROM rbac_ua WHERE ".
996  "rol_id= ".$ilDB->quote($a_role_id,'integer')." ".
997  "AND usr_id= ".$ilDB->quote($a_usr_id);
998  $res = $ilDB->query($query);
999 
1000  $is_assigned = $res->numRows() == 1;
1001  self::$is_assigned_cache[$a_role_id][$a_usr_id] = $is_assigned;
1002 
1003  return $is_assigned;
1004  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isAssignedToAtLeastOneGivenRole()

ilRbacReview::isAssignedToAtLeastOneGivenRole (   $a_usr_id,
  $a_role_ids 
)

check if a specific user is assigned to at least one of the given role ids.

This function is used to quickly check whether a user is member of a course or a group.

public

Parameters
integerusr_id
array[integer]role_ids
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1018 of file class.ilRbacReview.php.

References $ilDB, $query, and $res.

1019  {
1020  global $ilDB;
1021 
1022  $ilDB->setLimit(1,0);
1023  $query = "SELECT usr_id FROM rbac_ua WHERE ".
1024  $ilDB->in('rol_id',$a_role_ids,false,'integer').
1025  " AND usr_id= ".$ilDB->quote($a_usr_id);
1026  $res = $ilDB->query($query);
1027 
1028  return $ilDB->numRows($res) == 1;
1029  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isBlockedAtPosition()

ilRbacReview::isBlockedAtPosition (   $a_role_id,
  $a_ref_id 
)

Check if role is blocked at position ilDB $ilDB.

Parameters
type$a_role_id
type$a_ref_id
Returns
boolean

Definition at line 1935 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

Referenced by isBlockedInUpperContext().

1936  {
1937  global $ilDB;
1938 
1939  $query = 'SELECT blocked from rbac_fa '.
1940  'WHERE rol_id = '. $ilDB->quote($a_role_id,'integer').' '.
1941  'AND parent = '.$ilDB->quote($a_ref_id,'integer');
1942  $res = $ilDB->query($query);
1943  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1944  {
1945  return (bool) $row->blocked;
1946  }
1947  return FALSE;
1948  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ isBlockedInUpperContext()

ilRbacReview::isBlockedInUpperContext (   $a_role_id,
  $a_ref_id 
)

Check if role is blocked in upper context.

Parameters
type$a_role_id
type$a_ref_id

Definition at line 1955 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, DB_FETCHMODE_OBJECT, and isBlockedAtPosition().

1956  {
1957  global $ilDB, $tree;
1958 
1959  if($this->isBlockedAtPosition($a_role_id, $a_ref_id))
1960  {
1961  return FALSE;
1962  }
1963  $query = 'SELECT parent from rbac_fa '.
1964  'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1965  'AND blocked = '.$ilDB->quote(1,'integer');
1966  $res = $ilDB->query($query);
1967 
1968  $parent_ids = array();
1969  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1970  {
1971  $parent_ids[] = $row->parent;
1972  }
1973 
1974  foreach($parent_ids as $parent_id)
1975  {
1976  if($tree->isGrandChild($parent_id, $a_ref_id))
1977  {
1978  return TRUE;
1979  }
1980  }
1981  return FALSE;
1982  }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
ilRbacReview\isBlockedAtPosition
isBlockedAtPosition($a_role_id, $a_ref_id)
Check if role is blocked at position ilDB $ilDB.
Definition: class.ilRbacReview.php:1935
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ isDeleteable()

ilRbacReview::isDeleteable (   $a_role_id,
  $a_rolf_id 
)

Check if role is deleteable at a specific position.

Parameters
object$a_role_id
introlf_id
Returns
Todo:
refactor rolf => DONE

Definition at line 2279 of file class.ilRbacReview.php.

References ilObject\_lookupTitle(), and isAssignable().

2280  {
2281  if(!$this->isAssignable($a_role_id, $a_rolf_id))
2282  {
2283  return false;
2284  }
2285  if($a_role_id == SYSTEM_ROLE_ID or $a_role_id == ANONYMOUS_ROLE_ID)
2286  {
2287  return false;
2288  }
2289  if(substr(ilObject::_lookupTitle($a_role_id),0,3) == 'il_')
2290  {
2291  return false;
2292  }
2293  return true;
2294  }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:944
ilRbacReview\isAssignable
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users public.
Definition: class.ilRbacReview.php:1085
+ Here is the call graph for this function:

◆ isDeleted()

ilRbacReview::isDeleted (   $a_node_id)

Checks if a rolefolder is set as deleted (negative tree_id) public.

Parameters
integerref_id of rolefolder
Returns
boolean true if rolefolder is set as deleted
Todo:
refactor rolf => DELETE method

Definition at line 1650 of file class.ilRbacReview.php.

References $ilDB, $r, $row, DB_FETCHMODE_OBJECT, and ilDB\query().

Referenced by isRoleDeleted().

1651  {
1652  global $ilDB;
1653 
1654  $q = "SELECT tree FROM tree WHERE child =".$ilDB->quote($a_node_id)." ";
1655  $r = $this->ilDB->query($q);
1656 
1657  $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
1658 
1659  if (!$row)
1660  {
1661  $message = sprintf('%s::isDeleted(): Role folder with ref_id %s not found!',
1662  get_class($this),
1663  $a_node_id);
1664  $this->log->write($message,$this->log->FATAL);
1665 
1666  return true;
1667  }
1668 
1669  // rolefolder is deleted
1670  if ($row->tree < 0)
1671  {
1672  return true;
1673  }
1674 
1675  return false;
1676  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1450
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$r
$r
Definition: example_031.php:79
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isGlobalRole()

ilRbacReview::isGlobalRole (   $a_role_id)

Check if role is a global role.

Parameters
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1684 of file class.ilRbacReview.php.

References getGlobalRoles().

1685  {
1686  return in_array($a_role_id,$this->getGlobalRoles());
1687  }
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only &#39;global&#39; roles public
Definition: class.ilRbacReview.php:1252
+ Here is the call graph for this function:

◆ isProtected()

ilRbacReview::isProtected (   $a_ref_id,
  $a_role_id 
)
Todo:
refactor rolf => search calls ilDB $ilDB
Parameters
type$a_ref_id
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1915 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and ilUtil\yn2tf().

1916  {
1917  global $ilDB;
1918 
1919  // ref_id not used yet. protected permission acts 'global' for each role,
1920  $query = "SELECT protected FROM rbac_fa ".
1921  "WHERE rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
1922  $res = $ilDB->query($query);
1923  $row = $ilDB->fetchAssoc($res);
1924 
1925  return ilUtil::yn2tf($row['protected']);
1926  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilUtil\yn2tf
static yn2tf($a_yn)
convert "y"/"n" to true/false
Definition: class.ilUtil.php:3296
+ Here is the call graph for this function:

◆ isRoleAssignedToObject()

ilRbacReview::isRoleAssignedToObject (   $a_role_id,
  $a_parent_id 
)

Check if role is assigned to an object.

Todo:
refactor rolf => DONE (renamed)

Definition at line 1334 of file class.ilRbacReview.php.

References $ilDB, $query, and $res.

1335  {
1336  global $rbacreview, $ilDB;
1337 
1338  $query = 'SELECT * FROM rbac_fa '.
1339  'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1340  'AND parent = '.$ilDB->quote($a_parent_id,'integer');
1341  $res = $ilDB->query($query);
1342  return $res->numRows() ? true : false;
1343  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isRoleDeleted()

ilRbacReview::isRoleDeleted (   $a_role_id)

return if role is only attached to deleted role folders

Parameters
int$a_role_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 2193 of file class.ilRbacReview.php.

References getFoldersAssignedToRole(), and isDeleted().

2194  {
2195  $rolf_list = $this->getFoldersAssignedToRole($a_role_id, false);
2196  $deleted = true;
2197  if (count($rolf_list))
2198  {
2199  foreach ($rolf_list as $rolf) {
2200  // only list roles that are not set to status "deleted"
2201  if (!$this->isDeleted($rolf))
2202  {
2203  $deleted = false;
2204  break;
2205  }
2206  }
2207  }
2208  return $deleted;
2209  }
ilRbacReview\isDeleted
isDeleted($a_node_id)
Checks if a rolefolder is set as deleted (negative tree_id) public.
Definition: class.ilRbacReview.php:1650
ilRbacReview\getFoldersAssignedToRole
getFoldersAssignedToRole($a_rol_id, $a_assignable=false)
Returns an array of objects assigned to a role.
Definition: class.ilRbacReview.php:1140
+ Here is the call graph for this function:

◆ isSystemGeneratedRole()

ilRbacReview::isSystemGeneratedRole (   $a_role_id)

Check if the role is system generate role or role template.

Parameters
int$a_role_id
Returns
bool
Todo:
refactor rolf => DONE

Definition at line 2302 of file class.ilRbacReview.php.

References ilObject\_lookupTitle().

2303  {
2304  $title = ilObject::_lookupTitle($a_role_id);
2305  return substr($title,0,3) == 'il_' ? true : false;
2306  }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:944
+ Here is the call graph for this function:

◆ lookupCreateOperationIds()

static ilRbacReview::lookupCreateOperationIds (   $a_type_arr)
static

Lookup operation ids.

Parameters
array$a_type_arre.g array('cat','crs','grp'). The operation name (e.g. 'create_cat') is generated automatically
Returns
array int Array with operation ids
Todo:
refactor rolf => DONE

Definition at line 1874 of file class.ilRbacReview.php.

References $ilDB, $query, $res, and $row.

Referenced by ilObjectXMLWriter\__appendOperations(), ilObjectRoleTemplatePermissionTableGUI\parse(), ilObjectRolePermissionTableGUI\parse(), ilPermissionGUI\savePermissions(), and ilObjStudyProgrammeTest\testCreatePermissionExists().

1875  {
1876  global $ilDB;
1877 
1878  $operations = array();
1879  foreach($a_type_arr as $type)
1880  {
1881  $operations[] = ('create_'.$type);
1882  }
1883 
1884  if(!count($operations))
1885  {
1886  return array();
1887  }
1888 
1889  $query = 'SELECT ops_id, operation FROM rbac_operations '.
1890  'WHERE '.$ilDB->in('operation',$operations,false,'text');
1891 
1892  $res = $ilDB->query($query);
1893 
1894  $ops_ids = array();
1895  while($row = $ilDB->fetchObject($res))
1896  {
1897  $type_arr = explode('_', $row->operation);
1898  $type = $type_arr[1];
1899 
1900  $ops_ids[$type] = $row->ops_id;
1901  }
1902  return $ops_ids;
1903  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ roleExists()

ilRbacReview::roleExists (   $a_title,
  $a_id = 0 
)

Checks if a role already exists.

Role title should be unique public

Parameters
stringrole title
integerobj_id of role to exclude in the check. Commonly this is the current role you want to edit
Returns
boolean true if exists
Todo:
refactor rolf => DONE

Definition at line 567 of file class.ilRbacReview.php.

References $ilDB, $r, $row, DB_FETCHMODE_OBJECT, and ilDB\query().

568  {
569  global $ilDB;
570 
571  if (empty($a_title))
572  {
573  $message = get_class($this)."::roleExists(): No title given!";
574  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
575  }
576 
577  $clause = ($a_id) ? " AND obj_id != ".$ilDB->quote($a_id)." " : "";
578 
579  $q = "SELECT DISTINCT(obj_id) obj_id FROM object_data ".
580  "WHERE title =".$ilDB->quote($a_title)." ".
581  "AND type IN('role','rolt')".
582  $clause." ";
583  $r = $this->ilDB->query($q);
584 
585  while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
586  {
587  return $row->obj_id;
588  }
589  return false;
590  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1450
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$r
$r
Definition: example_031.php:79
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ searchRolesByMailboxAddressList()

ilRbacReview::searchRolesByMailboxAddressList (   $a_address_list)

Finds all role ids that match the specified user friendly role mailbox address list.

The role mailbox name address list is an e-mail address list according to IETF RFC 822:

address list = role mailbox, {"," role mailbox } ; role mailbox = "#", local part, ["@" domain] ;

Examples: The following role mailbox names are all resolved to the role il_crs_member_123:

#Course.A #member.A #il_crs_member_123.A #il_crs_member_123 #il_crs_member_123

Examples: The following role mailbox names are all resolved to the role il_crs_member_345:

#member@[English Course] #il_crs_member_345@[English Course] #il_crs_member_345 #il_crs_member_345

If only the local part is specified, or if domain is equal to "ilias", ILIAS compares the title of role objects with local part. Only roles that are not in a trash folder are considered for the comparison.

If a domain is specified, and if the domain is not equal to "ilias", ILIAS compares the title of objects with the domain. Only objects that are not in a trash folder are considered for the comparison. Then ILIAS searches for local roles which contain the local part in their title. This allows for abbreviated role names, e.g. instead of having to specify #il_grp_member_345, it is sufficient to specify #member.

The address list may contain addresses thate are not role mailboxes. These addresses are ignored.

If a role mailbox address is ambiguous, this function returns the ID's of all role objects that are possible recipients for the role mailbox address.

If Pear Mail is not installed, then the mailbox address

public

Parameters
stringIETF RFX 822 address list containing role mailboxes.
Returns
int[] Array with role ids that were found
Todo:
refactor rolf

Definition at line 115 of file class.ilRbacReview.php.

References $ilDB, $query, $r, $row, DB_FETCHMODE_OBJECT, ilMail\ILIAS_HOST, ilDB\query(), and ilDB\quote().

116  {
117  global $ilDB;
118 
119  $role_ids = array();
120 
121  include_once "Services/Mail/classes/class.ilMail.php";
122  if(ilMail::_usePearMail())
123  {
124  require_once './Services/PEAR/lib/Mail/RFC822.php';
125  $parser = new Mail_RFC822();
126  $parsedList = $parser->parseAddressList($a_address_list, ilMail::ILIAS_HOST, false, true);
127  foreach ($parsedList as $address)
128  {
129  $local_part = $address->mailbox;
130  if (strpos($local_part,'#') !== 0 &&
131  !($local_part{0} == '"' && $local_part{1} == "#"))
132  {
133  // A local-part which doesn't start with a '#' doesn't denote a role.
134  // Therefore we can skip it.
135  continue;
136  }
137 
138  $local_part = substr($local_part, 1);
139 
140  /* If role contains spaces, eg. 'foo role', double quotes are added which have to be
141  removed here.*/
142  if( $local_part{0} == '#' && $local_part{strlen($local_part) - 1} == '"' )
143  {
144  $local_part = substr($local_part, 1);
145  $local_part = substr($local_part, 0, strlen($local_part) - 1);
146  }
147 
148  if (substr($local_part,0,8) == 'il_role_')
149  {
150  $role_id = substr($local_part,8);
151  $query = "SELECT t.tree ".
152  "FROM rbac_fa fa ".
153  "JOIN tree t ON t.child = fa.parent ".
154  "WHERE fa.rol_id = ".$this->ilDB->quote($role_id,'integer')." ".
155  "AND fa.assign = 'y' ".
156  "AND t.tree = 1";
157  $r = $ilDB->query($query);
158  if ($r->numRows() > 0)
159  {
160  $role_ids[] = $role_id;
161  }
162  continue;
163  }
164 
165 
166  $domain = $address->host;
167  if (strpos($domain,'[') == 0 && strrpos($domain,']'))
168  {
169  $domain = substr($domain,1,strlen($domain) - 2);
170  }
171  if (strlen($local_part) == 0)
172  {
173  $local_part = $domain;
174  $address->host = ilMail::ILIAS_HOST;
175  $domain = ilMail::ILIAS_HOST;
176  }
177 
178  if (strtolower($address->host) == ilMail::ILIAS_HOST)
179  {
180  // Search for roles = local-part in the whole repository
181  $query = "SELECT dat.obj_id ".
182  "FROM object_data dat ".
183  "JOIN rbac_fa fa ON fa.rol_id = dat.obj_id ".
184  "JOIN tree t ON t.child = fa.parent ".
185  "WHERE dat.title =".$this->ilDB->quote($local_part,'text')." ".
186  "AND dat.type = 'role' ".
187  "AND fa.assign = 'y' ".
188  "AND t.tree = 1";
189  }
190  else
191  {
192  // Search for roles like local-part in objects = host
193  $query = "SELECT rdat.obj_id ".
194  "FROM object_data odat ".
195  "JOIN object_reference oref ON oref.obj_id = odat.obj_id ".
196  "JOIN tree otree ON otree.child = oref.ref_id ".
197  "JOIN rbac_fa rfa ON rfa.parent = otree.child ".
198  "JOIN object_data rdat ON rdat.obj_id = rfa.rol_id ".
199  "WHERE odat.title = ".$this->ilDB->quote($domain,'text')." ".
200  "AND otree.tree = 1 ".
201  "AND rfa.assign = 'y' ".
202  "AND rdat.title LIKE ".
203  $this->ilDB->quote('%'.preg_replace('/([_%])/','\\\\$1',$local_part).'%','text');
204  }
205  $r = $ilDB->query($query);
206 
207  $count = 0;
208  while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
209  {
210  $role_ids[] = $row->obj_id;
211  $count++;
212  }
213 
214  // Nothing found?
215  // In this case, we search for roles = host.
216  if ($count == 0 && strtolower($address->host) == ilMail::ILIAS_HOST)
217  {
218  $q = "SELECT dat.obj_id ".
219  "FROM object_data dat ".
220  "JOIN object_reference ref ON ref.obj_id = dat.obj_id ".
221  "JOIN tree t ON t.child = ref.ref_id ".
222  "WHERE dat.title = ".$this->ilDB->quote($domain ,'text')." ".
223  "AND dat.type = 'role' ".
224  "AND t.tree = 1 ";
225  $r = $this->ilDB->query($q);
226 
227  while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
228  {
229  $role_ids[] = $row->obj_id;
230  }
231  }
232  //echo '<br>ids='.var_export($role_ids,true);
233  }
234  }
235  else
236  {
237  // the following code is executed, when Pear Mail is
238  // not installed
239 
240  $titles = explode(',', $a_address_list);
241 
242  $titleList = '';
243  foreach ($titles as $title)
244  {
245  if (strlen($inList) > 0)
246  {
247  $titleList .= ',';
248  }
249  $title = trim($title);
250  if (strpos($title,'#') == 0)
251  {
252  $titleList .= $this->ilDB->quote(substr($title, 1));
253  }
254  }
255  if (strlen($titleList) > 0)
256  {
257  $q = "SELECT obj_id ".
258  "FROM object_data ".
259  "WHERE title IN (".$titleList.") ".
260  "AND type='role'";
261  $r = $this->ilDB->query($q);
262  while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
263  {
264  $role_ids[] = $row->obj_id;
265  }
266  }
267  }
268 
269  return $role_ids;
270  }
ilMail\ILIAS_HOST
const ILIAS_HOST
Definition: class.ilMail.php:213
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1450
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
ilDB\quote
quote($a_query, $a_type=null)
Wrapper for quote method.
Definition: class.ilDB.php:2342
$r
$r
Definition: example_031.php:79
Mail_RFC822
Definition: RFC822.php:70
ilDB
Database Wrapper.
Definition: class.ilDB.php:28
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ setAssignedCacheEntry()

ilRbacReview::setAssignedCacheEntry (   $a_role_id,
  $a_user_id,
  $a_value 
)

set entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id
bool$a_value

Definition at line 2382 of file class.ilRbacReview.php.

2383  {
2384  self::$is_assigned_cache[$a_role_id][$a_user_id] = $a_value;
2385  }

Field Documentation

◆ $_opsCache

ilRbacReview::$_opsCache = null
staticprivate

Definition at line 32 of file class.ilRbacReview.php.

◆ $assigned_roles

ilRbacReview::$assigned_roles = array()
protected

Definition at line 28 of file class.ilRbacReview.php.

◆ $assigned_users_cache

ilRbacReview::$assigned_users_cache = array()
staticprotected

Definition at line 37 of file class.ilRbacReview.php.

◆ $is_assigned_cache

ilRbacReview::$is_assigned_cache = array()
staticprotected

Definition at line 42 of file class.ilRbacReview.php.

◆ $log

ilRbacReview::$log = null

Definition at line 29 of file class.ilRbacReview.php.

Referenced by __setProtectedStatus(), and getRoleMailboxAddress().

◆ FILTER_ALL

const ilRbacReview::FILTER_ALL = 1

Definition at line 21 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_ALL_GLOBAL

const ilRbacReview::FILTER_ALL_GLOBAL = 2

Definition at line 22 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

◆ FILTER_ALL_LOCAL

const ilRbacReview::FILTER_ALL_LOCAL = 3

Definition at line 23 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

◆ FILTER_INTERNAL

const ilRbacReview::FILTER_INTERNAL = 4

Definition at line 24 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_NOT_INTERNAL

const ilRbacReview::FILTER_NOT_INTERNAL = 5

Definition at line 25 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

◆ FILTER_TEMPLATES

const ilRbacReview::FILTER_TEMPLATES = 6

Definition at line 26 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

The documentation for this class was generated from the following file: