ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes | Static Protected Attributes | Static Private Attributes
ilRbacReview Class Reference
Services/AccessControl

class ilRbacReview Contains Review functions of core Rbac. More...

+ Collaboration diagram for ilRbacReview:

Public Member Functions

 __construct ()
 Constructor @access public. More...
 
 searchRolesByMailboxAddressList ($a_address_list)
 Finds all role ids that match the specified user friendly role mailbox address list. More...
 
 getRoleMailboxAddress ($a_role_id, $is_localize=true)
 
 roleExists ($a_title, $a_id=0)
 Checks if a role already exists. More...
 
 getParentRoleIds ($a_endnode_id, $a_templates=false)
 get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates @access public More...
 
 getRoleListByObject ($a_ref_id, $a_templates=false)
 Returns a list of roles in an container @access public. More...
 
 getAssignableRoles ($a_templates=false, $a_internal_roles=false, $title_filter='')
 Returns a list of all assignable roles @access public. More...
 
 getAssignableRolesInSubtree ($ref_id)
 Returns a list of assignable roles in a subtree of the repository @access public. More...
 
 getAssignableChildRoles ($a_ref_id)
 Get all assignable roles directly under a specific node @access public. More...
 
 getNumberOfAssignedUsers (Array $a_roles)
 Get the number of assigned users to roles @global ilDB $ilDB. More...
 
 assignedUsers ($a_rol_id, $a_fields=NULL)
 get all assigned users to a given role @access public More...
 
 isAssigned ($a_usr_id, $a_role_id)
 check if a specific user is assigned to specific role @access public More...
 
 isAssignedToAtLeastOneGivenRole ($a_usr_id, $a_role_ids)
 check if a specific user is assigned to at least one of the given role ids. More...
 
 assignedRoles ($a_usr_id)
 get all assigned roles to a given user @access public More...
 
 assignedGlobalRoles ($a_usr_id)
 Get assigned global roles for an user. More...
 
 isAssignable ($a_rol_id, $a_ref_id)
 Check if its possible to assign users @access public. More...
 
 hasMultipleAssignments ($a_role_id)
 Temporary bugfix. More...
 
 getFoldersAssignedToRole ($a_rol_id, $a_assignable=false)
 Returns an array of objects assigned to a role. More...
 
 getRolesOfObject ($a_ref_id, $a_assignable_only=FALSE)
 Get roles of object. More...
 
 getRolesOfRoleFolder ($a_ref_id, $a_nonassignable=true)
 get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids @access public More...
 
 getGlobalRoles ()
 get only 'global' roles @access public More...
 
 getLocalRoles ($a_ref_id)
 Get local roles of object. More...
 
 getLocalPolicies ($a_ref_id)
 Get all roles with local policies. More...
 
 getGlobalRolesArray ()
 get only 'global' roles @access public More...
 
 getGlobalAssignableRoles ()
 get only 'global' roles (with flag 'assign_users') @access public More...
 
 isRoleAssignedToObject ($a_role_id, $a_parent_id)
 Check if role is assigned to an object. More...
 
 getOperations ()
 get all possible operations @access public More...
 
 getOperation ($ops_id)
 get one operation by operation id @access public More...
 
 getAllOperationsOfRole ($a_rol_id, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public More...
 
 getActiveOperationsOfRole ($a_ref_id, $a_role_id)
 Get active operations for a role. More...
 
 getOperationsOfRole ($a_rol_id, $a_type, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public More...
 
 getRoleOperationsOnObject ($a_role_id, $a_ref_id)
 @global ilDB $ilDB More...
 
 getOperationsOnType ($a_typ_id)
 all possible operations of a type @access public More...
 
 getOperationsOnTypeString ($a_type)
 all possible operations of a type @access public More...
 
 getOperationsByTypeAndClass ($a_type, $a_class)
 Get operations by type and class. More...
 
 getObjectsWithStopedInheritance ($a_rol_id, $a_filter=array())
 get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder. More...
 
 isDeleted ($a_node_id)
 Checks if a rolefolder is set as deleted (negative tree_id) @access public. More...
 
 isGlobalRole ($a_role_id)
 Check if role is a global role. More...
 
 getRolesByFilter ($a_filter=0, $a_user_id=0, $title_filter='')
 @global ilDB $ilDB More...
 
 getTypeId ($a_type)
 Get type id of object @global ilDB $ilDB. More...
 
 isProtected ($a_ref_id, $a_role_id)
 
 isBlockedAtPosition ($a_role_id, $a_ref_id)
 Check if role is blocked at position @global ilDB $ilDB. More...
 
 isBlockedInUpperContext ($a_role_id, $a_ref_id)
 Check if role is blocked in upper context. More...
 
 getObjectOfRole ($a_role_id)
 Get object id of objects a role is assigned to. More...
 
 getObjectReferenceOfRole ($a_role_id)
 Get reference of role. More...
 
 isRoleDeleted ($a_role_id)
 return if role is only attached to deleted role folders More...
 
 getRolesForIDs ($role_ids, $use_templates)
 @global ilDB $ilDB More...
 
 getOperationAssignment ()
 get operation assignments More...
 
 isDeleteable ($a_role_id, $a_rolf_id)
 Check if role is deleteable at a specific position. More...
 
 isSystemGeneratedRole ($a_role_id)
 Check if the role is system generate role or role template. More...
 
 getRoleFolderOfRole ($a_role_id)
 Get role folder of role @global ilDB $ilDB. More...
 
 getUserPermissionsOnObject ($a_user_id, $a_ref_id)
 Get all user permissions on an object. More...
 
 setAssignedCacheEntry ($a_role_id, $a_user_id, $a_value)
 set entry of assigned_chache More...
 
 getAssignedCacheEntry ($a_role_id, $a_user_id)
 get entry of assigned_chache More...
 
 clearCaches ()
 Clear assigned users caches. More...
 

Static Public Member Functions

static _getOperationIdsByName ($operations)
 get ops_id's by name. More...
 
static _getOperationIdByName ($a_operation)
 get operation id by name of operation @access public @access static More...
 
static lookupCreateOperationIds ($a_type_arr)
 Lookup operation ids. More...
 
static _getOperationList ($a_type=null)
 get operation list by object type @access public @access static More...
 
static _groupOperationsByClass ($a_ops_arr)
 

Data Fields

const FILTER_ALL = 1
 
const FILTER_ALL_GLOBAL = 2
 
const FILTER_ALL_LOCAL = 3
 
const FILTER_INTERNAL = 4
 
const FILTER_NOT_INTERNAL = 5
 
const FILTER_TEMPLATES = 6
 
 $log = null
 

Protected Member Functions

 __getParentRoles ($a_path, $a_templates)
 Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan. More...
 
 __setTemplateFilter ($a_templates)
 get roles and templates or only roles; returns string for where clause @access private More...
 
 __setRoleType ($a_role_list)
 computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates More...
 
 __setProtectedStatus ($a_parent_roles, $a_role_hierarchy, $a_ref_id)
 Set protected status @global type $rbacsystem @global type $ilUser @global type $log. More...
 

Protected Attributes

 $assigned_roles = array()
 

Static Protected Attributes

static $assigned_users_cache = array()
 
static $is_assigned_cache = array()
 

Static Private Attributes

static $_opsCache = null
 

Detailed Description

class ilRbacReview Contains Review functions of core Rbac.

This class offers the possibility to view the contents of the user <-> role (UR) relation and the permission <-> role (PR) relation. For example, from the UA relation the administrator should have the facility to view all user assigned to a given role.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Sascha Hofmann sasch.nosp@m.ahof.nosp@m.mann@.nosp@m.gmx..nosp@m.de
Version
$Id$

Definition at line 19 of file class.ilRbacReview.php.

Constructor & Destructor Documentation

◆ __construct()

ilRbacReview::__construct ( )

Constructor @access public.

Definition at line 48 of file class.ilRbacReview.php.

49 {
50 global $ilDB,$ilErr,$ilias,$ilLog;
51
52 $this->log =& $ilLog;
53
54 // set db & error handler
55 (isset($ilDB)) ? $this->ilDB =& $ilDB : $this->ilDB =& $ilias->db;
56
57 if (!isset($ilErr))
58 {
59 $ilErr = new ilErrorHandling();
60 $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK,array($ilErr,'errorHandler'));
61 }
62 else
63 {
64 $this->ilErr =& $ilErr;
65 }
66 }
PEAR_ERROR_CALLBACK
const PEAR_ERROR_CALLBACK
Definition: PEAR.php:35
ilDB
Database Wrapper.
Definition: class.ilDB.php:29
if
if(!file_exists(getcwd().'/ilias.ini.php')) if(isset( $_GET["client_id"]))
registration confirmation script for ilias
Definition: confirmReg.php:20
$ilLog
$ilLog
Definition: inc.setup_header.php:136
$ilErr
$ilErr
Definition: inc.setup_header.php:67
$ilDB
global $ilDB
Definition: storeScorm2004.php:19

References $ilDB, $ilErr, $ilLog, if, and PEAR_ERROR_CALLBACK.

Member Function Documentation

◆ __getParentRoles()

ilRbacReview::__getParentRoles (   $a_path,
  $a_templates 
)
protected

Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan.

Get parent roles in a path. If last parameter is set 'true' it delivers also all templates in the path @access protected

Parameters
arrayarray with path_ids
booleantrue for role templates (default: false)
Returns
array array with all parent roles (obj_ids)
Todo:
refactor rolf => DONE

Definition at line 605 of file class.ilRbacReview.php.

606 {
607 if (!isset($a_path) or !is_array($a_path))
608 {
609 $message = get_class($this)."::getParentRoles(): No path given or wrong datatype!";
610 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
611 }
612
613 $parent_roles = array();
614 $role_hierarchy = array();
615
616 foreach($a_path as $ref_id)
617 {
618 $roles = $this->getRoleListByObject($ref_id,$a_templates);
619 foreach($roles as $role)
620 {
621 $id = $role["obj_id"];
622 $role["parent"] = $ref_id;
623 $parent_roles[$id] = $role;
624
625 if (!array_key_exists($role['obj_id'],$role_hierarchy))
626 {
627 $role_hierarchy[$id] = $ref_id;
628 }
629 }
630 }
631 return $this->__setProtectedStatus($parent_roles,$role_hierarchy,reset($a_path));
632 }
ilRbacReview\__setProtectedStatus
__setProtectedStatus($a_parent_roles, $a_role_hierarchy, $a_ref_id)
Set protected status @global type $rbacsystem @global type $ilUser @global type $log.
Definition: class.ilRbacReview.php:1998
ilRbacReview\getRoleListByObject
getRoleListByObject($a_ref_id, $a_templates=false)
Returns a list of roles in an container @access public.
Definition: class.ilRbacReview.php:674
$ref_id
$ref_id
Definition: sahs_server.php:39

References $ref_id, __setProtectedStatus(), and getRoleListByObject().

Referenced by getParentRoleIds().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setProtectedStatus()

ilRbacReview::__setProtectedStatus (   $a_parent_roles,
  $a_role_hierarchy,
  $a_ref_id 
)
protected

Set protected status @global type $rbacsystem @global type $ilUser @global type $log.

Parameters
type$a_parent_roles
type$a_role_hierarchy
type$a_ref_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1998 of file class.ilRbacReview.php.

1999 {
2000 //vd('refId',$a_ref_id,'parent roles',$a_parent_roles,'role-hierarchy',$a_role_hierarchy);
2001
2002 global $rbacsystem,$ilUser,$log;
2003
2004 if (in_array(SYSTEM_ROLE_ID,$this->assignedRoles($ilUser->getId())))
2005 {
2006 $leveladmin = true;
2007 }
2008 else
2009 {
2010 $leveladmin = false;
2011 }
2012 #vd("RoleHierarchy",$a_role_hierarchy);
2013 foreach ($a_role_hierarchy as $role_id => $rolf_id)
2014 {
2015 //$log->write("ilRBACreview::__setProtectedStatus(), 0");
2016 #echo "<br/>ROLF: ".$rolf_id." ROLE_ID: ".$role_id." (".$a_parent_roles[$role_id]['title'].") ";
2017 //var_dump($leveladmin,$a_parent_roles[$role_id]['protected']);
2018
2019 if ($leveladmin == true)
2020 {
2021 $a_parent_roles[$role_id]['protected'] = false;
2022 continue;
2023 }
2024
2025 if ($a_parent_roles[$role_id]['protected'] == true)
2026 {
2027 $arr_lvl_roles_user = array_intersect($this->assignedRoles($ilUser->getId()),array_keys($a_role_hierarchy,$rolf_id));
2028
2029 #vd("intersection",$arr_lvl_roles_user);
2030
2031 foreach ($arr_lvl_roles_user as $lvl_role_id)
2032 {
2033 #echo "<br/>level_role: ".$lvl_role_id;
2034 #echo "<br/>a_ref_id: ".$a_ref_id;
2035
2036 //$log->write("ilRBACreview::__setProtectedStatus(), 1");
2037 // check if role grants 'edit_permission' to parent
2038 $rolf = $a_parent_roles[$role_id]['parent'];
2039 #$parent_obj = $GLOBALS['tree']->getParentId($rolf);
2040 if ($rbacsystem->checkPermission($rolf,$lvl_role_id,'edit_permission'))
2041 {
2042 #echo "<br />Permission granted";
2043 //$log->write("ilRBACreview::__setProtectedStatus(), 2");
2044 // user may change permissions of that higher-ranked role
2045 $a_parent_roles[$role_id]['protected'] = false;
2046
2047 // remember successful check
2048 //$leveladmin = true;
2049 }
2050 }
2051 }
2052 }
2053 return $a_parent_roles;
2054 }
ilRbacReview\assignedRoles
assignedRoles($a_usr_id)
get all assigned roles to a given user @access public
Definition: class.ilRbacReview.php:1038
$ilUser
global $ilUser
Definition: imgupload.php:15

References $ilUser, $log, and assignedRoles().

Referenced by __getParentRoles().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setRoleType()

ilRbacReview::__setRoleType (   $a_role_list)
protected

computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates

@access private

Parameters
arrayrole list
Returns
array role list with additional entry for role_type
Todo:
refactor rolf => DONE

Definition at line 843 of file class.ilRbacReview.php.

844 {
845 foreach ($a_role_list as $key => $val)
846 {
847 // determine role type
848 if ($val["type"] == "rolt")
849 {
850 $a_role_list[$key]["role_type"] = "template";
851 }
852 else
853 {
854 if ($val["assign"] == "y")
855 {
856 if ($val["parent"] == ROLE_FOLDER_ID)
857 {
858 $a_role_list[$key]["role_type"] = "global";
859 }
860 else
861 {
862 $a_role_list[$key]["role_type"] = "local";
863 }
864 }
865 else
866 {
867 $a_role_list[$key]["role_type"] = "linked";
868 }
869 }
870
871 if ($val["protected"] == "y")
872 {
873 $a_role_list[$key]["protected"] = true;
874 }
875 else
876 {
877 $a_role_list[$key]["protected"] = false;
878 }
879 }
880
881 return $a_role_list;
882 }

Referenced by getAssignableRoles(), getRoleListByObject(), getRolesByFilter(), and getRolesForIDs().

+ Here is the caller graph for this function:

◆ __setTemplateFilter()

ilRbacReview::__setTemplateFilter (   $a_templates)
protected

get roles and templates or only roles; returns string for where clause @access private

Parameters
booleantrue: with templates
Returns
string where clause
Todo:
refactor rolf => DONE

Definition at line 815 of file class.ilRbacReview.php.

816 {
817 global $ilDB;
818
819 if ($a_templates === true)
820 {
821 $where = "WHERE ".$ilDB->in('object_data.type',array('role','rolt'),false,'text')." ";
822 }
823 else
824 {
825 $where = "WHERE ".$ilDB->in('object_data.type',array('role'),false,'text')." ";
826 }
827
828 return $where;
829 }

References $ilDB.

Referenced by getAssignableRoles(), getRoleListByObject(), and getRolesForIDs().

+ Here is the caller graph for this function:

◆ _getOperationIdByName()

static ilRbacReview::_getOperationIdByName (   $a_operation)
static

get operation id by name of operation @access public @access static

Parameters
stringoperation name
Returns
integer operation id
Todo:
refactor rolf => DONE

Definition at line 1839 of file class.ilRbacReview.php.

1840 {
1841 global $ilDB,$ilErr;
1842
1843 if (!isset($a_operation))
1844 {
1845 $message = "perm::getOperationId(): No operation given!";
1846 $ilErr->raiseError($message,$ilErr->WARNING);
1847 }
1848
1849 // Cache operation ids
1850 if (! is_array(self::$_opsCache)) {
1851 self::$_opsCache = array();
1852
1853 $q = "SELECT ops_id, operation FROM rbac_operations";
1854 $r = $ilDB->query($q);
1855 while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
1856 {
1857 self::$_opsCache[$row->operation] = $row->ops_id;
1858 }
1859 }
1860
1861 // Get operation ID by name from cache
1862 if (array_key_exists($a_operation, self::$_opsCache)) {
1863 return self::$_opsCache[$a_operation];
1864 }
1865 return null;
1866 }
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
$r
$r
Definition: example_031.php:79

References $ilDB, $ilErr, $r, $row, and DB_FETCHMODE_OBJECT.

Referenced by ilRbacSystem\checkAccessOfUser(), and ilObjBlog\getRolesWithContributeOrRedact().

+ Here is the caller graph for this function:

◆ _getOperationIdsByName()

static ilRbacReview::_getOperationIdsByName (   $operations)
static

get ops_id's by name.

Example usage: $rbacadmin->grantPermission($roles,ilRbacReview::_getOperationIdsByName(array('visible','read'),$ref_id));

@access public

Parameters
arraystring name of operation. see rbac_operations
Returns
array integer ops_id's
Todo:
refactor rolf => DONE

Definition at line 1811 of file class.ilRbacReview.php.

1812 {
1813 global $ilDB;
1814
1815 if(!count($operations))
1816 {
1817 return array();
1818 }
1819
1820 $query = 'SELECT ops_id FROM rbac_operations '.
1821 'WHERE '.$ilDB->in('operation',$operations,false,'text');
1822
1823 $res = $ilDB->query($query);
1824 while($row = $ilDB->fetchObject($res))
1825 {
1826 $ops_ids[] = $row->ops_id;
1827 }
1828 return $ops_ids ? $ops_ids : array();
1829 }

References $ilDB, $query, $res, and $row.

Referenced by ilUtil\_getObjectsByOperations(), ilLicense\getPotentialAccesses(), and ilECSObjectSettings\handlePermissionUpdate().

+ Here is the caller graph for this function:

◆ _getOperationList()

static ilRbacReview::_getOperationList (   $a_type = null)
static

get operation list by object type @access public @access static

Parameters
stringobject type you want to have the operation list
stringorder column
stringorder direction (possible values: ASC or DESC)
Returns
array returns array of operations
Todo:
refactor rolf => DONE

Definition at line 2066 of file class.ilRbacReview.php.

2067 {
2068 global $ilDB;
2069
2070 $arr = array();
2071
2072 if ($a_type)
2073 {
2074 $query = sprintf('SELECT * FROM rbac_operations '.
2075 'JOIN rbac_ta ON rbac_operations.ops_id = rbac_ta.ops_id '.
2076 'JOIN object_data ON rbac_ta.typ_id = object_data.obj_id '.
2077 'WHERE object_data.title = %s '.
2078 'AND object_data.type = %s '.
2079 'ORDER BY op_order ASC',
2080 $ilDB->quote($a_type,'text'),
2081 $ilDB->quote('typ','text'));
2082 }
2083 else
2084 {
2085 $query = 'SELECT * FROM rbac_operations ORDER BY op_order ASC';
2086 }
2087 $res = $ilDB->query($query);
2088 while ($row = $ilDB->fetchAssoc($res))
2089 {
2090 $arr[] = array(
2091 "ops_id" => $row['ops_id'],
2092 "operation" => $row['operation'],
2093 "desc" => $row['description'],
2094 "class" => $row['class'],
2095 "order" => $row['op_order']
2096 );
2097 }
2098 return $arr;
2099 }

References $ilDB, $query, $res, and $row.

Referenced by ilSettingsPermissionGUI\__construct(), ilObjTypeDefinitionGUI\editObject(), ilObjectPermissionStatusGUI\getAccessPermissionTableData(), ilObjectPermissionStatusGUI\getAssignedValidRoles(), ilObjRoleTemplateGUI\permObject(), and ilObjTypeDefinitionGUI\viewObject().

+ Here is the caller graph for this function:

◆ _groupOperationsByClass()

static ilRbacReview::_groupOperationsByClass (   $a_ops_arr)
static
Parameters
type$a_ops_arr
Returns
type
Todo:
refactor rolf => DONE

Definition at line 2107 of file class.ilRbacReview.php.

2108 {
2109 $arr = array();
2110
2111 foreach ($a_ops_arr as $ops)
2112 {
2113 $arr[$ops['class']][] = array ('ops_id' => $ops['ops_id'],
2114 'name' => $ops['operation']
2115 );
2116 }
2117 return $arr;
2118 }

◆ assignedGlobalRoles()

ilRbacReview::assignedGlobalRoles (   $a_usr_id)

Get assigned global roles for an user.

Parameters
int$a_usr_idId of user account
Todo:
refactor rolf => DONE

Definition at line 1059 of file class.ilRbacReview.php.

1060 {
1061 global $ilDB;
1062
1063 $query = "SELECT ua.rol_id FROM rbac_ua ua ".
1064 "JOIN rbac_fa fa ON ua.rol_id = fa.rol_id ".
1065 "WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer').' '.
1066 "AND parent = ".$ilDB->quote(ROLE_FOLDER_ID)." ".
1067 "AND assign = 'y' ";
1068
1069 $res = $ilDB->query($query);
1070 while($row = $ilDB->fetchObject($res))
1071 {
1072 $role_arr[] = $row->rol_id;
1073 }
1074 return $role_arr ? $role_arr : array();
1075 }

References $ilDB, $query, $res, and $row.

◆ assignedRoles()

ilRbacReview::assignedRoles (   $a_usr_id)

get all assigned roles to a given user @access public

Parameters
integerusr_id
Returns
array all roles (id) the user have
Todo:
refactor rolf => DONE

Definition at line 1038 of file class.ilRbacReview.php.

1039 {
1040 global $ilDB;
1041
1042 $role_arr = array();
1043
1044 $query = "SELECT rol_id FROM rbac_ua WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer');
1045
1046 $res = $ilDB->query($query);
1047 while($row = $ilDB->fetchObject($res))
1048 {
1049 $role_arr[] = $row->rol_id;
1050 }
1051 return $role_arr ? $role_arr : array();
1052 }

References $ilDB, $query, $res, and $row.

Referenced by __setProtectedStatus(), and getRolesByFilter().

+ Here is the caller graph for this function:

◆ assignedUsers()

ilRbacReview::assignedUsers (   $a_rol_id,
  $a_fields = NULL 
)

get all assigned users to a given role @access public

Parameters
integerrole_id
arraycolumns to get form usr_data table (optional)
Returns
array all users (id) assigned to role OR arrays of user datas
Todo:
refactor rolf => (check result buffering)

Definition at line 912 of file class.ilRbacReview.php.

913 {
914 global $ilBench,$ilDB;
915
916 $ilBench->start("RBAC", "review_assignedUsers");
917
918 if (!isset($a_rol_id))
919 {
920 $message = get_class($this)."::assignedUsers(): No role_id given!";
921 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
922 }
923 if (! $a_fields AND isset(self::$assigned_users_cache[$a_rol_id])) {
924 return self::$assigned_users_cache[$a_rol_id];
925 }
926
927 $result_arr = array();
928
929 if ($a_fields !== NULL and is_array($a_fields))
930 {
931 if (count($a_fields) == 0)
932 {
933 $select = "*";
934 }
935 else
936 {
937 if (($usr_id_field = array_search("usr_id",$a_fields)) !== false)
938 unset($a_fields[$usr_id_field]);
939
940 $select = implode(",",$a_fields).",usr_data.usr_id";
941 $select = addslashes($select);
942 }
943
944 $ilDB->enableResultBuffering(false);
945 $query = "SELECT ".$select." FROM usr_data ".
946 "LEFT JOIN rbac_ua ON usr_data.usr_id = rbac_ua.usr_id ".
947 "WHERE rbac_ua.rol_id =".$ilDB->quote($a_rol_id,'integer');
948 $res = $ilDB->query($query);
949 while($row = $ilDB->fetchAssoc($res))
950 {
951 $result_arr[] = $row;
952 }
953 $ilDB->enableResultBuffering(true);
954 }
955 else
956 {
957 $ilDB->enableResultBuffering(false);
958 $query = "SELECT usr_id FROM rbac_ua WHERE rol_id= ".$ilDB->quote($a_rol_id,'integer');
959
960 $res = $ilDB->query($query);
961 while($row = $ilDB->fetchAssoc($res))
962 {
963 array_push($result_arr,$row["usr_id"]);
964 }
965 $ilDB->enableResultBuffering(true);
966 }
967
968 $ilBench->stop("RBAC", "review_assignedUsers");
969
970 if (! $a_fields) {
971 self::$assigned_users_cache[$a_rol_id] = $result_arr;
972 }
973
974 return $result_arr;
975 }
$ilBench
global $ilBench
Definition: ilias.php:18

References $ilBench, $ilDB, $query, $res, and $row.

◆ clearCaches()

ilRbacReview::clearCaches ( )

Clear assigned users caches.

Definition at line 2401 of file class.ilRbacReview.php.

2402 {
2403 self::$is_assigned_cache = array();
2404 self::$assigned_users_cache = array();
2405 }

◆ getActiveOperationsOfRole()

ilRbacReview::getActiveOperationsOfRole (   $a_ref_id,
  $a_role_id 
)

Get active operations for a role.

Parameters
object$a_ref_id
object$a_role_id
Returns
Todo:
refactor rolf => DONE

Definition at line 1427 of file class.ilRbacReview.php.

1428 {
1429 global $ilDB;
1430
1431 $query = 'SELECT * FROM rbac_pa '.
1432 'WHERE ref_id = '.$ilDB->quote($a_ref_id,'integer').' '.
1433 'AND rol_id = '.$ilDB->quote($a_role_id,'integer').' ';
1434
1435 $res = $ilDB->query($query);
1436 while($row = $res->fetchRow(DB_FETCHMODE_ASSOC))
1437 {
1438 return unserialize($row['ops_id']);
1439 }
1440 return array();
1441 }
DB_FETCHMODE_ASSOC
const DB_FETCHMODE_ASSOC
Definition: class.ilDB.php:10

References $ilDB, $query, $res, $row, and DB_FETCHMODE_ASSOC.

◆ getAllOperationsOfRole()

ilRbacReview::getAllOperationsOfRole (   $a_rol_id,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public

Parameters
integerrole_id
integerrole folder id
Returns
array array of operation_id and types
Todo:
refactor rolf => DONE

Definition at line 1398 of file class.ilRbacReview.php.

1399 {
1400 global $ilDB;
1401
1402 if(!$a_parent)
1403 {
1404 $a_parent = ROLE_FOLDER_ID;
1405 }
1406
1407 $query = "SELECT ops_id,type FROM rbac_templates ".
1408 "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
1409 "AND parent = ".$ilDB->quote($a_parent,'integer');
1410 $res = $ilDB->query($query);
1411
1412 $ops_arr = array();
1413 while ($row = $ilDB->fetchObject($res))
1414 {
1415 $ops_arr[$row->type][] = $row->ops_id;
1416 }
1417 return (array) $ops_arr;
1418 }

References $ilDB, $query, $res, and $row.

◆ getAssignableChildRoles()

ilRbacReview::getAssignableChildRoles (   $a_ref_id)

Get all assignable roles directly under a specific node @access public.

Parameters
ref_id
Returns
array set ids
Todo:
refactor rolf => Find a better name; reduce sql fields

Definition at line 789 of file class.ilRbacReview.php.

790 {
791 global $ilDB;
792
793 $query = "SELECT fa.*, rd.* ".
794 "FROM object_data rd ".
795 "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id ".
796 "WHERE fa.assign = 'y' ".
797 "AND fa.parent = ".$this->ilDB->quote($a_ref_id,'integer')." "
798 ;
799
800 $res = $ilDB->query($query);
801 while($row = $ilDB->fetchAssoc($res))
802 {
803 $roles_data[] = $row;
804 }
805 return $roles_data ? $roles_data : array();
806 }

References $ilDB, $query, $res, and $row.

◆ getAssignableRoles()

ilRbacReview::getAssignableRoles (   $a_templates = false,
  $a_internal_roles = false,
  $title_filter = '' 
)

Returns a list of all assignable roles @access public.

Parameters
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 716 of file class.ilRbacReview.php.

717 {
718 global $ilDB;
719
720 $role_list = array();
721
722 $where = $this->__setTemplateFilter($a_templates);
723
724 $query = "SELECT * FROM object_data ".
725 "JOIN rbac_fa ON obj_id = rol_id ".
726 $where.
727 "AND rbac_fa.assign = 'y' ";
728
729 if(strlen($title_filter))
730 {
731 $query .= (' AND '.$ilDB->like(
732 'title',
733 'text',
734 $title_filter.'%'
735 ));
736 }
737 $res = $ilDB->query($query);
738
739 while ($row = $ilDB->fetchAssoc($res))
740 {
741 $row["desc"] = $row["description"];
742 $row["user_id"] = $row["owner"];
743 $role_list[] = $row;
744 }
745
746 $role_list = $this->__setRoleType($role_list);
747
748 return $role_list;
749 }
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:843
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause @access private
Definition: class.ilRbacReview.php:815

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by getRolesByFilter().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getAssignableRolesInSubtree()

ilRbacReview::getAssignableRolesInSubtree (   $ref_id)

Returns a list of assignable roles in a subtree of the repository @access public.

Parameters
ref_idRoot node of subtree
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 758 of file class.ilRbacReview.php.

759 {
760 global $ilDB;
761
762 $query = 'SELECT rol_id FROM rbac_fa fa '.
763 'JOIN tree t1 ON t1.child = fa.parent '.
764 'JOIN object_data obd ON fa.rol_id = obd.obj_id ' .
765 'WHERE assign = '.$ilDB->quote('y','text').' '.
766 'AND obd.type = '.$ilDB->quote('role','text').' '.
767 'AND t1.child IN ('.
768 $GLOBALS['tree']->getSubTreeQuery($ref_id,array('child')).' '.
769 ') ';
770
771
772 $res = $ilDB->query($query);
773
774 $role_list = array();
775 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
776 {
777 $role_list[] = $row->rol_id;
778 }
779 return $role_list;
780 }
$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276

References $GLOBALS, $ilDB, $query, $ref_id, $res, $row, and DB_FETCHMODE_OBJECT.

◆ getAssignedCacheEntry()

ilRbacReview::getAssignedCacheEntry (   $a_role_id,
  $a_user_id 
)

get entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id

Definition at line 2393 of file class.ilRbacReview.php.

2394 {
2395 return self::$is_assigned_cache[$a_role_id][$a_user_id];
2396 }

◆ getFoldersAssignedToRole()

ilRbacReview::getFoldersAssignedToRole (   $a_rol_id,
  $a_assignable = false 
)

Returns an array of objects assigned to a role.

A role with stopped inheritance may be assigned to more than one objects. To get only the original location of a role, set the second parameter to true

@access public

Parameters
integerrole id
booleanget only rolefolders where role is assignable (true)
Returns
array reference IDs of role folders
Todo:
refactor rolf => RENAME (rest done)

Definition at line 1140 of file class.ilRbacReview.php.

1141 {
1142 global $ilDB;
1143
1144 if (!isset($a_rol_id))
1145 {
1146 $message = get_class($this)."::getFoldersAssignedToRole(): No role_id given!";
1147 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1148 }
1149
1150 if ($a_assignable)
1151 {
1152 $where = " AND assign ='y'";
1153 }
1154
1155 $query = "SELECT DISTINCT parent FROM rbac_fa ".
1156 "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".$where." ";
1157
1158 $res = $ilDB->query($query);
1159 while($row = $ilDB->fetchObject($res))
1160 {
1161 $folders[] = $row->parent;
1162 }
1163 return $folders ? $folders : array();
1164 }

References $ilDB, $query, $res, and $row.

Referenced by isRoleDeleted().

+ Here is the caller graph for this function:

◆ getGlobalAssignableRoles()

ilRbacReview::getGlobalAssignableRoles ( )

get only 'global' roles (with flag 'assign_users') @access public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 1314 of file class.ilRbacReview.php.

1315 {
1316 include_once './Services/AccessControl/classes/class.ilObjRole.php';
1317
1318 foreach($this->getGlobalRoles() as $role_id)
1319 {
1320 if(ilObjRole::_getAssignUsersStatus($role_id))
1321 {
1322 $ga[] = array('obj_id' => $role_id,
1323 'role_type' => 'global');
1324 }
1325 }
1326 return $ga ? $ga : array();
1327 }
ilObjRole\_getAssignUsersStatus
_getAssignUsersStatus($a_role_id)
Definition: class.ilObjRole.php:141
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only 'global' roles @access public
Definition: class.ilRbacReview.php:1252

References ilObjRole\_getAssignUsersStatus(), and getGlobalRoles().

+ Here is the call graph for this function:

◆ getGlobalRoles()

ilRbacReview::getGlobalRoles ( )

get only 'global' roles @access public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 1252 of file class.ilRbacReview.php.

1253 {
1254 return $this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false);
1255 }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:1213

References getRolesOfRoleFolder().

Referenced by getGlobalAssignableRoles(), getRolesByFilter(), and isGlobalRole().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getGlobalRolesArray()

ilRbacReview::getGlobalRolesArray ( )

get only 'global' roles @access public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 1298 of file class.ilRbacReview.php.

1299 {
1300 foreach($this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false) as $role_id)
1301 {
1302 $ga[] = array('obj_id' => $role_id,
1303 'role_type' => 'global');
1304 }
1305 return $ga ? $ga : array();
1306 }

References getRolesOfRoleFolder().

+ Here is the call graph for this function:

◆ getLocalPolicies()

ilRbacReview::getLocalPolicies (   $a_ref_id)

Get all roles with local policies.

Parameters
type$a_ref_id
Returns
type

Definition at line 1282 of file class.ilRbacReview.php.

1283 {
1284 $lroles = array();
1285 foreach($this->getRolesOfRoleFolder($a_ref_id) as $role_id)
1286 {
1287 $lroles[] = $role_id;
1288 }
1289 return $lroles;
1290 }

References getRolesOfRoleFolder().

+ Here is the call graph for this function:

◆ getLocalRoles()

ilRbacReview::getLocalRoles (   $a_ref_id)

Get local roles of object.

Parameters
int$a_ref_id
Todo:
refactor rolf => DONE

Definition at line 1262 of file class.ilRbacReview.php.

1263 {
1264 global $ilDB;
1265
1266 $lroles = array();
1267 foreach($this->getRolesOfRoleFolder($a_ref_id) as $role_id)
1268 {
1269 if($this->isAssignable($role_id, $a_ref_id))
1270 {
1271 $lroles[] = $role_id;
1272 }
1273 }
1274 return $lroles;
1275 }
ilRbacReview\isAssignable
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users @access public.
Definition: class.ilRbacReview.php:1085

References $ilDB, getRolesOfRoleFolder(), and isAssignable().

+ Here is the call graph for this function:

◆ getNumberOfAssignedUsers()

ilRbacReview::getNumberOfAssignedUsers ( Array  $a_roles)

Get the number of assigned users to roles @global ilDB $ilDB.

Parameters
array$a_roles
Returns
int
Todo:
refactor rolf => DONE

Definition at line 891 of file class.ilRbacReview.php.

892 {
893 global $ilDB;
894
895 $query = 'SELECT COUNT(DISTINCT(usr_id)) as num FROM rbac_ua '.
896 'WHERE '.$ilDB->in('rol_id', $a_roles, false, 'integer').' ';
897
898 $res = $ilDB->query($query);
899 $row = $res->fetchRow(DB_FETCHMODE_OBJECT);
900 return $row->num ? $row->num : 0;
901 }

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

◆ getObjectOfRole()

ilRbacReview::getObjectOfRole (   $a_role_id)

Get object id of objects a role is assigned to.

Todo:
refactor rolf (due to performance reasons the new version does not check for deleted roles only in object reference)

@access public

Parameters
introle id

Definition at line 2129 of file class.ilRbacReview.php.

2130 {
2131 // internal cache
2132 static $obj_cache = array();
2133
2134 global $ilDB;
2135
2136
2137 if(isset($obj_cache[$a_role_id]) and $obj_cache[$a_role_id])
2138 {
2139 return $obj_cache[$a_role_id];
2140 }
2141
2142 $query = 'SELECT obr.obj_id FROM rbac_fa rfa '.
2143 'JOIN object_reference obr ON rfa.parent = obr.ref_id '.
2144 'WHERE assign = '.$ilDB->quote('y','text'). ' '.
2145 'AND rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
2146 'AND deleted IS NULL';
2147
2148 #$query = "SELECT obr.obj_id FROM rbac_fa rfa ".
2149 # "JOIN tree ON rfa.parent = tree.child ".
2150 # "JOIN object_reference obr ON tree.parent = obr.ref_id ".
2151 # "WHERE tree.tree = 1 ".
2152 # "AND assign = 'y' ".
2153 # "AND rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
2154 $res = $ilDB->query($query);
2155
2156 $obj_cache[$a_role_id] = 0;
2157 while($row = $ilDB->fetchObject($res))
2158 {
2159 $obj_cache[$a_role_id] = $row->obj_id;
2160 }
2161 return $obj_cache[$a_role_id];
2162 }

References $ilDB, $query, $res, and $row.

Referenced by ilObjUserGUI\roleassignmentObject().

+ Here is the caller graph for this function:

◆ getObjectReferenceOfRole()

ilRbacReview::getObjectReferenceOfRole (   $a_role_id)

Get reference of role.

Parameters
object$a_role_id
Returns
int
Todo:
refactor rolf (no deleted check)

Definition at line 2170 of file class.ilRbacReview.php.

2171 {
2172 global $ilDB;
2173
2174 $query = 'SELECT parent p_ref FROM rbac_fa '.
2175 'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
2176 'AND assign = '.$ilDB->quote('y','text');
2177
2178 $res = $ilDB->query($query);
2179 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
2180 {
2181 return $row->p_ref;
2182 }
2183 return 0;
2184 }

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

◆ getObjectsWithStopedInheritance()

ilRbacReview::getObjectsWithStopedInheritance (   $a_rol_id,
  $a_filter = array() 
)

get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder.

@access public

Parameters
integerrole_id
arrayfilter ref_ids
Returns
array with ref_ids of objects
Todo:
refactor rolf => DONE

Definition at line 1617 of file class.ilRbacReview.php.

1618 {
1619 global $ilDB;
1620
1621 #$query = 'SELECT t.parent p FROM tree t JOIN rbac_fa fa ON fa.parent = child '.
1622 # 'WHERE assign = '.$ilDB->quote('n','text').' '.
1623 # 'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1624
1625 $query = 'SELECT parent p FROM rbac_fa '.
1626 'WHERE assign = '.$ilDB->quote('n','text').' '.
1627 'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1628
1629 if($a_filter)
1630 {
1631 $query .= ('AND '.$ilDB->in('parent',(array) $a_filter,false,'integer'));
1632 }
1633
1634 $res = $ilDB->query($query);
1635 $parent = array();
1636 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1637 {
1638 $parent[] = $row->p;
1639 }
1640 return $parent;
1641 }

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

◆ getOperation()

ilRbacReview::getOperation (   $ops_id)

get one operation by operation id @access public

Returns
array data of operation_id
Todo:
refactor rolf => DONE

Definition at line 1373 of file class.ilRbacReview.php.

1374 {
1375 global $ilDB;
1376
1377 $query = 'SELECT * FROM rbac_operations WHERE ops_id = '.$ilDB->quote($ops_id,'integer');
1378 $res = $this->ilDB->query($query);
1379 while($row = $ilDB->fetchObject($res))
1380 {
1381 $ops = array('ops_id' => $row->ops_id,
1382 'operation' => $row->operation,
1383 'description' => $row->description);
1384 }
1385
1386 return $ops ? $ops : array();
1387 }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1450

References $ilDB, $query, $res, $row, and ilDB\query().

+ Here is the call graph for this function:

◆ getOperationAssignment()

ilRbacReview::getOperationAssignment ( )

get operation assignments

Returns
array array(array('typ_id' => $typ_id,'title' => $title,'ops_id => '$ops_is,'operation' => $operation),...
Todo:
refactor rolf => DONE

Definition at line 2250 of file class.ilRbacReview.php.

2251 {
2252 global $ilDB;
2253
2254 $query = 'SELECT ta.typ_id, obj.title, ops.ops_id, ops.operation FROM rbac_ta ta '.
2255 'JOIN object_data obj ON obj.obj_id = ta.typ_id '.
2256 'JOIN rbac_operations ops ON ops.ops_id = ta.ops_id ';
2257 $res = $ilDB->query($query);
2258
2259 $counter = 0;
2260 while($row = $ilDB->fetchObject($res))
2261 {
2262 $info[$counter]['typ_id'] = $row->typ_id;
2263 $info[$counter]['type'] = $row->title;
2264 $info[$counter]['ops_id'] = $row->ops_id;
2265 $info[$counter]['operation'] = $row->operation;
2266 $counter++;
2267 }
2268 return $info ? $info : array();
2269
2270 }
$info
$info
Definition: example_052.php:80

References $ilDB, $info, $query, $res, and $row.

◆ getOperations()

ilRbacReview::getOperations ( )

get all possible operations @access public

Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 1351 of file class.ilRbacReview.php.

1352 {
1353 global $ilDB;
1354
1355 $query = 'SELECT * FROM rbac_operations ORDER BY ops_id ';
1356 $res = $this->ilDB->query($query);
1357 while($row = $ilDB->fetchObject($res))
1358 {
1359 $ops[] = array('ops_id' => $row->ops_id,
1360 'operation' => $row->operation,
1361 'description' => $row->description);
1362 }
1363
1364 return $ops ? $ops : array();
1365 }

References $ilDB, $query, $res, $row, and ilDB\query().

+ Here is the call graph for this function:

◆ getOperationsByTypeAndClass()

ilRbacReview::getOperationsByTypeAndClass (   $a_type,
  $a_class 
)

Get operations by type and class.

Parameters
string$a_typeType is "object" or
string$a_class
Returns
Todo:
refactor rolf => DONE

Definition at line 1576 of file class.ilRbacReview.php.

1577 {
1578 global $ilDB;
1579
1580 if($a_class != 'create')
1581 {
1582 $condition = "AND class != ".$ilDB->quote('create','text');
1583 }
1584 else
1585 {
1586 $condition = "AND class = ".$ilDB->quote('create','text');
1587 }
1588
1589 $query = "SELECT ro.ops_id FROM rbac_operations ro ".
1590 "JOIN rbac_ta rt ON ro.ops_id = rt.ops_id ".
1591 "JOIN object_data od ON rt.typ_id = od.obj_id ".
1592 "WHERE type = ".$ilDB->quote('typ','text')." ".
1593 "AND title = ".$ilDB->quote($a_type,'text')." ".
1594 $condition." ".
1595 "ORDER BY op_order ";
1596
1597 $res = $ilDB->query($query);
1598
1599 $ops = array();
1600 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1601 {
1602 $ops[] = $row->ops_id;
1603 }
1604 return $ops;
1605 }

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

◆ getOperationsOfRole()

ilRbacReview::getOperationsOfRole (   $a_rol_id,
  $a_type,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public

Parameters
integerrole_id
stringobject type
integerrole folder id
Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 1454 of file class.ilRbacReview.php.

1455 {
1456 global $ilDB,$ilLog;
1457
1458 if (!isset($a_rol_id) or !isset($a_type))
1459 {
1460 $message = get_class($this)."::getOperationsOfRole(): Missing Parameter!".
1461 "role_id: ".$a_rol_id.
1462 "type: ".$a_type.
1463 "parent_id: ".$a_parent;
1464 $ilLog->logStack("Missing parameter! ");
1465 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1466 }
1467
1468 $ops_arr = array();
1469
1470 // if no rolefolder id is given, assume global role folder as target
1471 if ($a_parent == 0)
1472 {
1473 $a_parent = ROLE_FOLDER_ID;
1474 }
1475
1476 $query = "SELECT ops_id FROM rbac_templates ".
1477 "WHERE type =".$ilDB->quote($a_type,'text')." ".
1478 "AND rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
1479 "AND parent = ".$ilDB->quote($a_parent,'integer');
1480 $res = $ilDB->query($query);
1481 while ($row = $ilDB->fetchObject($res))
1482 {
1483 $ops_arr[] = $row->ops_id;
1484 }
1485
1486 return $ops_arr;
1487 }

References $ilDB, $ilLog, $query, $res, and $row.

◆ getOperationsOnType()

ilRbacReview::getOperationsOnType (   $a_typ_id)

all possible operations of a type @access public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 1520 of file class.ilRbacReview.php.

1521 {
1522 global $ilDB;
1523
1524 if (!isset($a_typ_id))
1525 {
1526 $message = get_class($this)."::getOperationsOnType(): No type_id given!";
1527 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1528 }
1529
1530 #$query = "SELECT * FROM rbac_ta WHERE typ_id = ".$ilDB->quote($a_typ_id,'integer');
1531
1532 $query = 'SELECT * FROM rbac_ta ta JOIN rbac_operations o ON ta.ops_id = o.ops_id '.
1533 'WHERE typ_id = '.$ilDB->quote($a_typ_id,'integer').' '.
1534 'ORDER BY op_order';
1535
1536 $res = $ilDB->query($query);
1537
1538 while($row = $ilDB->fetchObject($res))
1539 {
1540 $ops_id[] = $row->ops_id;
1541 }
1542
1543 return $ops_id ? $ops_id : array();
1544 }

References $ilDB, $query, $res, and $row.

Referenced by getOperationsOnTypeString().

+ Here is the caller graph for this function:

◆ getOperationsOnTypeString()

ilRbacReview::getOperationsOnTypeString (   $a_type)

all possible operations of a type @access public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 1554 of file class.ilRbacReview.php.

1555 {
1556 global $ilDB;
1557
1558 $query = "SELECT * FROM object_data WHERE type = 'typ' AND title = ".$ilDB->quote($a_type ,'text')." ";
1559
1560
1561 $res = $this->ilDB->query($query);
1562 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1563 {
1564 return $this->getOperationsOnType($row->obj_id);
1565 }
1566 return false;
1567 }
ilRbacReview\getOperationsOnType
getOperationsOnType($a_typ_id)
all possible operations of a type @access public
Definition: class.ilRbacReview.php:1520

References $ilDB, $query, $res, $row, DB_FETCHMODE_OBJECT, getOperationsOnType(), and ilDB\query().

+ Here is the call graph for this function:

◆ getParentRoleIds()

ilRbacReview::getParentRoleIds (   $a_endnode_id,
  $a_templates = false 
)

get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates @access public

Parameters
integerref_id of an object which is end node
booleantrue for role templates (default: false)
Returns
array array(role_ids => role_data)
Todo:
refactor rolf => DONE

Definition at line 643 of file class.ilRbacReview.php.

644 {
645 global $tree;
646
647 if (!isset($a_endnode_id))
648 {
649 $GLOBALS['ilLog']->logStack();
650 $message = get_class($this)."::getParentRoleIds(): No node_id (ref_id) given!";
651 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
652 }
653
654 //var_dump($a_endnode_id);exit;
655 //$log->write("ilRBACreview::getParentRoleIds(), 0");
656 $pathIds = $tree->getPathId($a_endnode_id);
657
658 // add system folder since it may not in the path
659 //$pathIds[0] = SYSTEM_FOLDER_ID;
660 $pathIds[0] = ROLE_FOLDER_ID;
661 //$log->write("ilRBACreview::getParentRoleIds(), 1");
662 #return $this->getParentRoles($a_endnode_id,$a_templates,$a_keep_protected);
663 return $this->__getParentRoles($pathIds,$a_templates);
664 }
ilRbacReview\__getParentRoles
__getParentRoles($a_path, $a_templates)
Note: This function performs faster than the new getParentRoles function, because it uses database in...
Definition: class.ilRbacReview.php:605

References $GLOBALS, and __getParentRoles().

+ Here is the call graph for this function:

◆ getRoleFolderOfRole()

ilRbacReview::getRoleFolderOfRole (   $a_role_id)

Get role folder of role @global ilDB $ilDB.

Parameters
int$a_role_id
Returns
int
Todo:
refactor rolf => RENAME

Definition at line 2316 of file class.ilRbacReview.php.

2317 {
2318 global $ilDB;
2319
2320 if(ilObject::_lookupType($a_role_id) == 'role')
2321 {
2322 $and = ('AND assign = '.$ilDB->quote('y','text'));
2323 }
2324 else
2325 {
2326 $and = '';
2327 }
2328
2329 $query = 'SELECT * FROM rbac_fa '.
2330 'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
2331 $and;
2332 $res = $ilDB->query($query);
2333 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
2334 {
2335 return $row->parent;
2336 }
2337 return 0;
2338 }
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1196

References $ilDB, $query, $res, $row, ilObject\_lookupType(), and DB_FETCHMODE_OBJECT.

+ Here is the call graph for this function:

◆ getRoleListByObject()

ilRbacReview::getRoleListByObject (   $a_ref_id,
  $a_templates = false 
)

Returns a list of roles in an container @access public.

Parameters
integerref_id of object
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 674 of file class.ilRbacReview.php.

675 {
676 global $ilDB;
677
678 if (!isset($a_ref_id) or !isset($a_templates))
679 {
680 $message = get_class($this)."::getRoleListByObject(): Missing parameter!".
681 "ref_id: ".$a_ref_id.
682 "tpl_flag: ".$a_templates;
683 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
684 }
685
686 $role_list = array();
687
688 $where = $this->__setTemplateFilter($a_templates);
689
690 $query = "SELECT * FROM object_data ".
691 "JOIN rbac_fa ON obj_id = rol_id ".
692 $where.
693 "AND object_data.obj_id = rbac_fa.rol_id ".
694 "AND rbac_fa.parent = ".$ilDB->quote($a_ref_id,'integer')." ";
695
696 $res = $ilDB->query($query);
697 while ($row = $ilDB->fetchAssoc($res))
698 {
699 $row["desc"] = $row["description"];
700 $row["user_id"] = $row["owner"];
701 $role_list[] = $row;
702 }
703
704 $role_list = $this->__setRoleType($role_list);
705
706 return $role_list;
707 }

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by __getParentRoles().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getRoleMailboxAddress()

ilRbacReview::getRoleMailboxAddress (   $a_role_id,
  $is_localize = true 
) 
Returns the mailbox address of a role.

Example 1: Mailbox address for an ILIAS reserved role name

The il_crs_member_345 role of the course object "English Course 1" is returned as one of the following mailbox addresses:

a) Course Member <#member@[English Course 1]> b) Course Member <#il_crs_member_345@[English Course 1]> c) Course Member <#il_crs_member_345>

Address a) is returned, if the title of the object is unique, and if there is only one local role with the substring "member" defined for the object.

Address b) is returned, if the title of the object is unique, but there is more than one local role with the substring "member" in its title.

Address c) is returned, if the title of the course object is not unique.

Example 2: Mailbox address for a manually defined role name

The "Admin" role of the category object "Courses" is returned as one of the following mailbox addresses:

a) Course Administrator <#Admin@Courses> b) Course Administrator <#Admin> c) Course Adminstrator <#il_role_34211> 

Address a) is returned, if the title of the object is unique, and
if there is only one local role with the substring "Admin" defined for
the course object.

Address b) is returned, if the title of the object is not unique, but

the role title is unique.

Address c) is returned, if neither the role title nor the title of the course object is unique.

Example 3: Mailbox address for a manually defined role title that can
       contains special characters in the local-part of a 
       mailbox address

The "Author Courses" role of the category object "Courses" is returned as one of the following mailbox addresses:

a) "#Author Courses"@Courses b) Author Courses <#il_role_34234> 

Address a) is returned, if the title of the role is unique.

Address b) is returned, if neither the role title nor the title of the course object is unique, or if the role title contains a quote or a backslash.

@param int a role id
@param boolean is_localize whether mailbox addresses should be localized
@return     String mailbox address or null, if role does not exist.
@todo refactor rolf

Definition at line 336 of file class.ilRbacReview.php.

337 {
338 global $log, $lng,$ilDB;
339
340 include_once "Services/Mail/classes/class.ilMail.php";
341 if (ilMail::_usePearMail())
342 {
343 // Retrieve the role title and the object title.
344 $query = "SELECT rdat.title role_title,odat.title object_title, ".
345 " oref.ref_id object_ref ".
346 "FROM object_data rdat ".
347 "JOIN rbac_fa fa ON fa.rol_id = rdat.obj_id ".
348 "JOIN tree rtree ON rtree.child = fa.parent ".
349 "JOIN object_reference oref ON oref.ref_id = rtree.child ".
350 "JOIN object_data odat ON odat.obj_id = oref.obj_id ".
351 "WHERE rdat.obj_id = ".$this->ilDB->quote($a_role_id,'integer')." ".
352 "AND fa.assign = 'y' ";
353 $r = $ilDB->query($query);
354 if (!$row = $ilDB->fetchObject($r))
355 {
356 //$log->write('class.ilRbacReview->getMailboxAddress('.$a_role_id.'): error role does not exist');
357 return null; // role does not exist
358 }
359 $object_title = $row->object_title;
360 $object_ref = $row->object_ref;
361 $role_title = $row->role_title;
362
363
364 // In a perfect world, we could use the object_title in the
365 // domain part of the mailbox address, and the role title
366 // with prefix '#' in the local part of the mailbox address.
367 $domain = $object_title;
368 $local_part = $role_title;
369
370
371 // Determine if the object title is unique
372 $q = "SELECT COUNT(DISTINCT dat.obj_id) count ".
373 "FROM object_data dat ".
374 "JOIN object_reference ref ON ref.obj_id = dat.obj_id ".
375 "JOIN tree ON tree.child = ref.ref_id ".
376 "WHERE title = ".$this->ilDB->quote($object_title,'text')." ".
377 "AND tree.tree = 1 ";
378 $r = $this->ilDB->query($q);
379 $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
380
381 // If the object title is not unique, we get rid of the domain.
382 if ($row->count > 1)
383 {
384 $domain = null;
385 }
386
387 // If the domain contains illegal characters, we get rid of it.
388 //if (domain != null && preg_match('/[\[\]\\]|[\x00-\x1f]/',$domain))
389 // Fix for Mantis Bug: 7429 sending mail fails because of brakets
390 // Fix for Mantis Bug: 9978 sending mail fails because of semicolon
391 if ($domain != null && preg_match('/[\[\]\\]|[\x00-\x1f]|[\x28-\x29]|[;]/',$domain))
392 {
393 $domain = null;
394 }
395
396 // If the domain contains special characters, we put square
397 // brackets around it.
398 if ($domain != null &&
399 (preg_match('/[()<>@,;:\\".\[\]]/',$domain) ||
400 preg_match('/[^\x21-\x8f]/',$domain))
401 )
402 {
403 $domain = '['.$domain.']';
404 }
405
406 // If the role title is one of the ILIAS reserved role titles,
407 // we can use a shorthand version of it for the local part
408 // of the mailbox address.
409 if (strpos($role_title, 'il_') === 0 && $domain != null)
410 {
411 $unambiguous_role_title = $role_title;
412
413 $pos = strpos($role_title, '_', 3) + 1;
414 $local_part = substr(
415 $role_title,
416 $pos,
417 strrpos($role_title, '_') - $pos
418 );
419 }
420 else
421 {
422 $unambiguous_role_title = 'il_role_'.$a_role_id;
423 }
424
425 // Determine if the local part is unique. If we don't have a
426 // domain, the local part must be unique within the whole repositry.
427 // If we do have a domain, the local part must be unique for that
428 // domain.
429 if ($domain == null)
430 {
431 $q = "SELECT COUNT(DISTINCT dat.obj_id) count ".
432 "FROM object_data dat ".
433 "JOIN object_reference ref ON ref.obj_id = dat.obj_id ".
434 "JOIN tree ON tree.child = ref.ref_id ".
435 "WHERE title = ".$this->ilDB->quote($local_part,'text')." ".
436 "AND tree.tree = 1 ";
437 }
438 else
439 {
440 $q = "SELECT COUNT(rd.obj_id) count ".
441 "FROM object_data rd ".
442 "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id ".
443 "JOIN tree t ON t.child = fa.parent ".
444 "WHERE fa.assign = 'y' ".
445 "AND t.child = ".$this->ilDB->quote($object_ref,'integer')." ".
446 "AND rd.title LIKE ".$this->ilDB->quote(
447 '%'.preg_replace('/([_%])/','\\\\$1', $local_part).'%','text')." ";
448 }
449
450 $r = $this->ilDB->query($q);
451 $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
452
453 // if the local_part is not unique, we use the unambiguous role title
454 // instead for the local part of the mailbox address
455 if ($row->count > 1)
456 {
457 $local_part = $unambiguous_role_title;
458 }
459
460 $use_phrase = true;
461
462 // If the local part contains illegal characters, we use
463 // the unambiguous role title instead.
464 if (preg_match('/[\\"\x00-\x1f]/',$local_part))
465 {
466 $local_part = $unambiguous_role_title;
467 }
468 else if(!preg_match('/^[\\x00-\\x7E]+$/i', $local_part))
469 {
470 // 2013-12-05: According to #12283, we do not accept umlauts in the local part
471 $local_part = $unambiguous_role_title;
472 $use_phrase = false;
473 }
474
475 // Add a "#" prefix to the local part
476 $local_part = '#'.$local_part;
477
478 // Put quotes around the role title, if needed
479 if (preg_match('/[()<>@,;:.\[\]\x20]/',$local_part))
480 {
481 $local_part = '"'.$local_part.'"';
482 }
483
484 $mailbox = ($domain == null) ?
485 $local_part :
486 $local_part.'@'.$domain;
487
488 if ($is_localize)
489 {
490 if (substr($role_title,0,3) == 'il_')
491 {
492 $phrase = $lng->txt(substr($role_title, 0, strrpos($role_title,'_')));
493 }
494 else
495 {
496 $phrase = $role_title;
497 }
498
499 if($use_phrase)
500 {
501 // make phrase RFC 822 conformant:
502 // - strip excessive whitespace
503 // - strip special characters
504 $phrase = preg_replace('/\s\s+/', ' ', $phrase);
505 $phrase = preg_replace('/[()<>@,;:\\".\[\]]/', '', $phrase);
506
507 $mailbox = $phrase.' <'.$mailbox.'>';
508 }
509 }
510
511 require_once './Services/PEAR/lib/Mail/RFC822.php';
512 $obj = new Mail_RFC822($mailbox, ilMail::ILIAS_HOST);
513 if(@$obj->parseAddressList() instanceof PEAR_Error)
514 {
515 $q = "SELECT title ".
516 "FROM object_data ".
517 "WHERE obj_id = ".$this->ilDB->quote($a_role_id ,'integer');
518 $r = $this->ilDB->query($q);
519
520 if ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
521 {
522 return '#'.$row->title;
523 }
524 else
525 {
526 return null;
527 }
528 }
529
530 return $mailbox;
531 }
532 else
533 {
534 $q = "SELECT title ".
535 "FROM object_data ".
536 "WHERE obj_id = ".$this->ilDB->quote($a_role_id ,'integer');
537 $r = $this->ilDB->query($q);
538
539 if($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
540 {
541 $ids_for_role_title = ilObject::_getIdsForTitle($row->title, 'role');
542 if(count($ids_for_role_title) > 1)
543 {
544 return '#il_role_' . $a_role_id;
545 }
546 else
547 {
548 return '#' . $row->title;
549 }
550 }
551 else
552 {
553 return null;
554 }
555 }
556 }
Mail_RFC822
Definition: RFC822.php:70
PEAR_Error
Definition: PEAR.php:827
ilMail\ILIAS_HOST
const ILIAS_HOST
Definition: class.ilMail.php:213
ilObject\_getIdsForTitle
static _getIdsForTitle($title, $type='', $partialmatch=false)
Definition: class.ilObject.php:966
$lng
global $lng
Definition: privfeed.php:40

References $ilDB, $lng, $log, $query, $r, $row, ilObject\_getIdsForTitle(), DB_FETCHMODE_OBJECT, if, ilMail\ILIAS_HOST, and ilDB\query().

+ Here is the call graph for this function:

◆ getRoleOperationsOnObject()

ilRbacReview::getRoleOperationsOnObject (   $a_role_id,
  $a_ref_id 
)

@global ilDB $ilDB

Parameters
type$a_role_id
type$a_ref_id
Returns
type
Todo:
rafactor rolf => DONE

Definition at line 1496 of file class.ilRbacReview.php.

1497 {
1498 global $ilDB;
1499
1500 $query = "SELECT * FROM rbac_pa ".
1501 "WHERE rol_id = ".$ilDB->quote($a_role_id,'integer')." ".
1502 "AND ref_id = ".$ilDB->quote($a_ref_id,'integer')." ";
1503
1504 $res = $ilDB->query($query);
1505 while($row = $ilDB->fetchObject($res))
1506 {
1507 $ops = unserialize($row->ops_id);
1508 }
1509
1510 return $ops ? $ops : array();
1511 }

References $ilDB, $query, $res, and $row.

◆ getRolesByFilter()

ilRbacReview::getRolesByFilter (   $a_filter = 0,
  $a_user_id = 0,
  $title_filter = '' 
)

@global ilDB $ilDB

Parameters
type$a_filter
type$a_user_id
type$title_filter
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1698 of file class.ilRbacReview.php.

1699 {
1700 global $ilDB;
1701
1702 $assign = "y";
1703
1704 switch($a_filter)
1705 {
1706 // all (assignable) roles
1707 case self::FILTER_ALL:
1708 return $this->getAssignableRoles(true,true,$title_filter);
1709 break;
1710
1711 // all (assignable) global roles
1712 case self::FILTER_ALL_GLOBAL:
1713 $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->getGlobalRoles(),false,'integer').' ';
1714 break;
1715
1716 // all (assignable) local roles
1717 case self::FILTER_ALL_LOCAL:
1718 case self::FILTER_INTERNAL:
1719 case self::FILTER_NOT_INTERNAL:
1720 $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->getGlobalRoles(),true,'integer');
1721 break;
1722
1723 // all role templates
1724 case self::FILTER_TEMPLATES:
1725 $where = "WHERE object_data.type = 'rolt'";
1726 $assign = "n";
1727 break;
1728
1729 // only assigned roles, handled by ilObjUserGUI::roleassignmentObject()
1730 case 0:
1731 default:
1732 if(!$a_user_id)
1733 return array();
1734
1735 $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->assignedRoles($a_user_id),false,'integer').' ';
1736 break;
1737 }
1738
1739 $roles = array();
1740
1741 $query = "SELECT * FROM object_data ".
1742 "JOIN rbac_fa ON obj_id = rol_id ".
1743 $where.
1744 "AND rbac_fa.assign = ".$ilDB->quote($assign,'text')." ";
1745
1746 if(strlen($title_filter))
1747 {
1748 $query .= (' AND '.$ilDB->like(
1749 'title',
1750 'text',
1751 '%'.$title_filter.'%'
1752 ));
1753 }
1754
1755 $res = $ilDB->query($query);
1756 while($row = $ilDB->fetchAssoc($res))
1757 {
1758 $prefix = (substr($row["title"],0,3) == "il_") ? true : false;
1759
1760 // all (assignable) internal local roles only
1761 if ($a_filter == 4 and !$prefix)
1762 {
1763 continue;
1764 }
1765
1766 // all (assignable) non internal local roles only
1767 if ($a_filter == 5 and $prefix)
1768 {
1769 continue;
1770 }
1771
1772 $row["desc"] = $row["description"];
1773 $row["user_id"] = $row["owner"];
1774 $roles[] = $row;
1775 }
1776
1777 $roles = $this->__setRoleType($roles);
1778
1779 return $roles ? $roles : array();
1780 }
ilRbacReview\getAssignableRoles
getAssignableRoles($a_templates=false, $a_internal_roles=false, $title_filter='')
Returns a list of all assignable roles @access public.
Definition: class.ilRbacReview.php:716

References $ilDB, $query, $res, $row, __setRoleType(), assignedRoles(), FILTER_ALL, FILTER_ALL_GLOBAL, FILTER_ALL_LOCAL, FILTER_INTERNAL, FILTER_NOT_INTERNAL, FILTER_TEMPLATES, getAssignableRoles(), and getGlobalRoles().

+ Here is the call graph for this function:

◆ getRolesForIDs()

ilRbacReview::getRolesForIDs (   $role_ids,
  $use_templates 
)

@global ilDB $ilDB

Parameters
type$role_ids
type$use_templates
Returns
type
Todo:
refactor rolf => DONE

Definition at line 2219 of file class.ilRbacReview.php.

2220 {
2221 global $ilDB;
2222
2223 $role_list = array();
2224
2225 $where = $this->__setTemplateFilter($use_templates);
2226
2227 $query = "SELECT * FROM object_data ".
2228 "JOIN rbac_fa ON object_data.obj_id = rbac_fa.rol_id ".
2229 $where.
2230 "AND rbac_fa.assign = 'y' " .
2231 'AND '.$ilDB->in('object_data.obj_id',$role_ids,false,'integer');
2232
2233 $res = $ilDB->query($query);
2234 while($row = $ilDB->fetchAssoc($res))
2235 {
2236 $row["desc"] = $row["description"];
2237 $row["user_id"] = $row["owner"];
2238 $role_list[] = $row;
2239 }
2240
2241 $role_list = $this->__setRoleType($role_list);
2242 return $role_list;
2243 }

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

+ Here is the call graph for this function:

◆ getRolesOfObject()

ilRbacReview::getRolesOfObject (   $a_ref_id,
  $a_assignable_only = FALSE 
)

Get roles of object.

Parameters
type$a_ref_id
type$a_assignable
Exceptions
InvalidArgumentException
Todo:
refactor rolf => DONE

Definition at line 1173 of file class.ilRbacReview.php.

1174 {
1175 global $ilDB;
1176
1177 if(!isset($a_ref_id))
1178 {
1179 $GLOBALS['ilLog']->logStack();
1180 throw new InvalidArgumentException(__METHOD__.': No ref_id given!');
1181 }
1182 if($a_assignable_only === TRUE)
1183 {
1184 $and = 'AND assign = '.$ilDB->quote('y','text');
1185 }
1186 $query = "SELECT rol_id FROM rbac_fa ".
1187 "WHERE parent = ".$ilDB->quote($a_ref_id,'integer')." ".
1188 $and;
1189
1190 $res = $ilDB->query($query);
1191
1192 $role_ids = array();
1193 while($row = $ilDB->fetchObject($res))
1194 {
1195 $role_ids[] = $row->rol_id;
1196 }
1197 return $role_ids;
1198 }

References $GLOBALS, $ilDB, $query, $res, and $row.

◆ getRolesOfRoleFolder()

ilRbacReview::getRolesOfRoleFolder (   $a_ref_id,
  $a_nonassignable = true 
)

get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids @access public

Parameters
integerref_id of object
booleanif false only get true local roles
Returns
array Array with rol_ids
Deprecated:
since version 4.5.0
Todo:
refactor rolf => RENAME

Definition at line 1213 of file class.ilRbacReview.php.

1214 {
1215 global $ilBench,$ilDB,$ilLog;
1216
1217 $ilBench->start("RBAC", "review_getRolesOfRoleFolder");
1218
1219 if (!isset($a_ref_id))
1220 {
1221 $message = get_class($this)."::getRolesOfRoleFolder(): No ref_id given!";
1222 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1223
1224 }
1225
1226 if ($a_nonassignable === false)
1227 {
1228 $and = " AND assign='y'";
1229 }
1230
1231 $query = "SELECT rol_id FROM rbac_fa ".
1232 "WHERE parent = ".$ilDB->quote($a_ref_id,'integer')." ".
1233 $and;
1234
1235 $res = $ilDB->query($query);
1236 while($row = $ilDB->fetchObject($res))
1237 {
1238 $rol_id[] = $row->rol_id;
1239 }
1240
1241 $ilBench->stop("RBAC", "review_getRolesOfRoleFolder");
1242
1243 return $rol_id ? $rol_id : array();
1244 }

References $ilBench, $ilDB, $ilLog, $query, $res, and $row.

Referenced by getGlobalRoles(), getGlobalRolesArray(), getLocalPolicies(), and getLocalRoles().

+ Here is the caller graph for this function:

◆ getTypeId()

ilRbacReview::getTypeId (   $a_type)

Get type id of object @global ilDB $ilDB.

Parameters
type$a_type
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1789 of file class.ilRbacReview.php.

1790 {
1791 global $ilDB;
1792
1793 $q = "SELECT obj_id FROM object_data ".
1794 "WHERE title=".$ilDB->quote($a_type ,'text')." AND type='typ'";
1795 $r = $ilDB->query($q);
1796
1797 $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
1798 return $row->obj_id;
1799 }

References $ilDB, $r, $row, and DB_FETCHMODE_OBJECT.

◆ getUserPermissionsOnObject()

ilRbacReview::getUserPermissionsOnObject (   $a_user_id,
  $a_ref_id 
)

Get all user permissions on an object.

Parameters
int$a_user_iduser id
int$a_ref_idref id
Todo:
refactor rolf => DONE

Definition at line 2347 of file class.ilRbacReview.php.

2348 {
2349 global $ilDB;
2350
2351 $query = "SELECT ops_id FROM rbac_pa JOIN rbac_ua ".
2352 "ON (rbac_pa.rol_id = rbac_ua.rol_id) ".
2353 "WHERE rbac_ua.usr_id = ".$ilDB->quote($a_user_id,'integer')." ".
2354 "AND rbac_pa.ref_id = ".$ilDB->quote($a_ref_id,'integer')." ";
2355
2356 $res = $ilDB->query($query);
2357 $all_ops = array();
2358 while ($row = $ilDB->fetchObject($res))
2359 {
2360 $ops = unserialize($row->ops_id);
2361 $all_ops = array_merge($all_ops, $ops);
2362 }
2363 $all_ops = array_unique($all_ops);
2364
2365 $set = $ilDB->query("SELECT operation FROM rbac_operations ".
2366 " WHERE ".$ilDB->in("ops_id", $all_ops, false, "integer"));
2367 $perms = array();
2368 while ($rec = $ilDB->fetchAssoc($set))
2369 {
2370 $perms[] = $rec["operation"];
2371 }
2372
2373 return $perms;
2374 }

References $ilDB, $query, $res, and $row.

◆ hasMultipleAssignments()

ilRbacReview::hasMultipleAssignments (   $a_role_id)

Temporary bugfix.

Todo:
refactor rolf => DONE

Definition at line 1119 of file class.ilRbacReview.php.

1120 {
1121 global $ilDB;
1122
1123 $query = "SELECT * FROM rbac_fa WHERE rol_id = ".$ilDB->quote($a_role_id,'integer').' '.
1124 "AND assign = ".$ilDB->quote('y','text');
1125 $res = $ilDB->query($query);
1126 return $res->numRows() > 1;
1127 }

References $ilDB, $query, and $res.

◆ isAssignable()

ilRbacReview::isAssignable (   $a_rol_id,
  $a_ref_id 
)

Check if its possible to assign users @access public.

Parameters
integerobject id of role
integerref_id of object in question
Returns
boolean
Todo:
refactor rolf (expects object reference id instead of rolf) => DONE

Definition at line 1085 of file class.ilRbacReview.php.

1086 {
1087 global $ilBench,$ilDB;
1088
1089 $ilBench->start("RBAC", "review_isAssignable");
1090
1091 // exclude system role from rbac
1092 if ($a_rol_id == SYSTEM_ROLE_ID)
1093 {
1094 $ilBench->stop("RBAC", "review_isAssignable");
1095 return true;
1096 }
1097
1098 if (!isset($a_rol_id) or !isset($a_ref_id))
1099 {
1100 $message = get_class($this)."::isAssignable(): Missing parameter!".
1101 " role_id: ".$a_rol_id." ,ref_id: ".$a_ref_id;
1102 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1103 }
1104 $query = "SELECT * FROM rbac_fa ".
1105 "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
1106 "AND parent = ".$ilDB->quote($a_ref_id,'integer')." ";
1107 $res = $ilDB->query($query);
1108 $row = $ilDB->fetchObject($res);
1109
1110 $ilBench->stop("RBAC", "review_isAssignable");
1111 return $row->assign == 'y' ? true : false;
1112 }

References $ilBench, $ilDB, $query, $res, and $row.

Referenced by getLocalRoles(), and isDeleteable().

+ Here is the caller graph for this function:

◆ isAssigned()

ilRbacReview::isAssigned (   $a_usr_id,
  $a_role_id 
)

check if a specific user is assigned to specific role @access public

Parameters
integerusr_id
integerrole_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 986 of file class.ilRbacReview.php.

987 {
988 if(isset(self::$is_assigned_cache[$a_role_id][$a_usr_id])) {
989 return self::$is_assigned_cache[$a_role_id][$a_usr_id];
990 }
991 // Quickly determine if user is assigned to a role
992 global $ilDB;
993
994 $ilDB->setLimit(1,0);
995 $query = "SELECT usr_id FROM rbac_ua WHERE ".
996 "rol_id= ".$ilDB->quote($a_role_id,'integer')." ".
997 "AND usr_id= ".$ilDB->quote($a_usr_id);
998 $res = $ilDB->query($query);
999
1000 $is_assigned = $res->numRows() == 1;
1001 self::$is_assigned_cache[$a_role_id][$a_usr_id] = $is_assigned;
1002
1003 return $is_assigned;
1004 }

References $ilDB, $query, and $res.

◆ isAssignedToAtLeastOneGivenRole()

ilRbacReview::isAssignedToAtLeastOneGivenRole (   $a_usr_id,
  $a_role_ids 
)

check if a specific user is assigned to at least one of the given role ids.

This function is used to quickly check whether a user is member of a course or a group.

@access public

Parameters
integerusr_id
array[integer]role_ids
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1018 of file class.ilRbacReview.php.

1019 {
1020 global $ilDB;
1021
1022 $ilDB->setLimit(1,0);
1023 $query = "SELECT usr_id FROM rbac_ua WHERE ".
1024 $ilDB->in('rol_id',$a_role_ids,false,'integer').
1025 " AND usr_id= ".$ilDB->quote($a_usr_id);
1026 $res = $ilDB->query($query);
1027
1028 return $ilDB->numRows($res) == 1;
1029 }

References $ilDB, $query, and $res.

◆ isBlockedAtPosition()

ilRbacReview::isBlockedAtPosition (   $a_role_id,
  $a_ref_id 
)

Check if role is blocked at position @global ilDB $ilDB.

Parameters
type$a_role_id
type$a_ref_id
Returns
boolean

Definition at line 1935 of file class.ilRbacReview.php.

1936 {
1937 global $ilDB;
1938
1939 $query = 'SELECT blocked from rbac_fa '.
1940 'WHERE rol_id = '. $ilDB->quote($a_role_id,'integer').' '.
1941 'AND parent = '.$ilDB->quote($a_ref_id,'integer');
1942 $res = $ilDB->query($query);
1943 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1944 {
1945 return (bool) $row->blocked;
1946 }
1947 return FALSE;
1948 }

References $ilDB, $query, $res, $row, and DB_FETCHMODE_OBJECT.

Referenced by isBlockedInUpperContext().

+ Here is the caller graph for this function:

◆ isBlockedInUpperContext()

ilRbacReview::isBlockedInUpperContext (   $a_role_id,
  $a_ref_id 
)

Check if role is blocked in upper context.

Parameters
type$a_role_id
type$a_ref_id

Definition at line 1955 of file class.ilRbacReview.php.

1956 {
1957 global $ilDB, $tree;
1958
1959 if($this->isBlockedAtPosition($a_role_id, $a_ref_id))
1960 {
1961 return FALSE;
1962 }
1963 $query = 'SELECT parent from rbac_fa '.
1964 'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1965 'AND blocked = '.$ilDB->quote(1,'integer');
1966 $res = $ilDB->query($query);
1967
1968 $parent_ids = array();
1969 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1970 {
1971 $parent_ids[] = $row->parent;
1972 }
1973
1974 foreach($parent_ids as $parent_id)
1975 {
1976 if($tree->isGrandChild($parent_id, $a_ref_id))
1977 {
1978 return TRUE;
1979 }
1980 }
1981 return FALSE;
1982 }
ilRbacReview\isBlockedAtPosition
isBlockedAtPosition($a_role_id, $a_ref_id)
Check if role is blocked at position @global ilDB $ilDB.
Definition: class.ilRbacReview.php:1935

References $ilDB, $query, $res, $row, DB_FETCHMODE_OBJECT, and isBlockedAtPosition().

+ Here is the call graph for this function:

◆ isDeleteable()

ilRbacReview::isDeleteable (   $a_role_id,
  $a_rolf_id 
)

Check if role is deleteable at a specific position.

Parameters
object$a_role_id
introlf_id
Returns
Todo:
refactor rolf => DONE

Definition at line 2279 of file class.ilRbacReview.php.

2280 {
2281 if(!$this->isAssignable($a_role_id, $a_rolf_id))
2282 {
2283 return false;
2284 }
2285 if($a_role_id == SYSTEM_ROLE_ID or $a_role_id == ANONYMOUS_ROLE_ID)
2286 {
2287 return false;
2288 }
2289 if(substr(ilObject::_lookupTitle($a_role_id),0,3) == 'il_')
2290 {
2291 return false;
2292 }
2293 return true;
2294 }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:944

References ilObject\_lookupTitle(), and isAssignable().

+ Here is the call graph for this function:

◆ isDeleted()

ilRbacReview::isDeleted (   $a_node_id)

Checks if a rolefolder is set as deleted (negative tree_id) @access public.

Parameters
integerref_id of rolefolder
Returns
boolean true if rolefolder is set as deleted
Todo:
refactor rolf => DELETE method

Definition at line 1650 of file class.ilRbacReview.php.

1651 {
1652 global $ilDB;
1653
1654 $q = "SELECT tree FROM tree WHERE child =".$ilDB->quote($a_node_id)." ";
1655 $r = $this->ilDB->query($q);
1656
1657 $row = $r->fetchRow(DB_FETCHMODE_OBJECT);
1658
1659 if (!$row)
1660 {
1661 $message = sprintf('%s::isDeleted(): Role folder with ref_id %s not found!',
1662 get_class($this),
1663 $a_node_id);
1664 $this->log->write($message,$this->log->FATAL);
1665
1666 return true;
1667 }
1668
1669 // rolefolder is deleted
1670 if ($row->tree < 0)
1671 {
1672 return true;
1673 }
1674
1675 return false;
1676 }

References $ilDB, $r, $row, DB_FETCHMODE_OBJECT, and ilDB\query().

Referenced by isRoleDeleted().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isGlobalRole()

ilRbacReview::isGlobalRole (   $a_role_id)

Check if role is a global role.

Parameters
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1684 of file class.ilRbacReview.php.

1685 {
1686 return in_array($a_role_id,$this->getGlobalRoles());
1687 }

References getGlobalRoles().

+ Here is the call graph for this function:

◆ isProtected()

ilRbacReview::isProtected (   $a_ref_id,
  $a_role_id 
)
Todo:
refactor rolf => search calls @global ilDB $ilDB
Parameters
type$a_ref_id
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1915 of file class.ilRbacReview.php.

1916 {
1917 global $ilDB;
1918
1919 // ref_id not used yet. protected permission acts 'global' for each role,
1920 $query = "SELECT protected FROM rbac_fa ".
1921 "WHERE rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
1922 $res = $ilDB->query($query);
1923 $row = $ilDB->fetchAssoc($res);
1924
1925 return ilUtil::yn2tf($row['protected']);
1926 }
ilUtil\yn2tf
static yn2tf($a_yn)
convert "y"/"n" to true/false
Definition: class.ilUtil.php:3296

References $ilDB, $query, $res, $row, and ilUtil\yn2tf().

+ Here is the call graph for this function:

◆ isRoleAssignedToObject()

ilRbacReview::isRoleAssignedToObject (   $a_role_id,
  $a_parent_id 
)

Check if role is assigned to an object.

Todo:
refactor rolf => DONE (renamed)

Definition at line 1334 of file class.ilRbacReview.php.

1335 {
1336 global $rbacreview, $ilDB;
1337
1338 $query = 'SELECT * FROM rbac_fa '.
1339 'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1340 'AND parent = '.$ilDB->quote($a_parent_id,'integer');
1341 $res = $ilDB->query($query);
1342 return $res->numRows() ? true : false;
1343 }

References $ilDB, $query, and $res.

◆ isRoleDeleted()

ilRbacReview::isRoleDeleted (   $a_role_id)

return if role is only attached to deleted role folders

Parameters
int$a_role_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 2193 of file class.ilRbacReview.php.

2194 {
2195 $rolf_list = $this->getFoldersAssignedToRole($a_role_id, false);
2196 $deleted = true;
2197 if (count($rolf_list))
2198 {
2199 foreach ($rolf_list as $rolf) {
2200 // only list roles that are not set to status "deleted"
2201 if (!$this->isDeleted($rolf))
2202 {
2203 $deleted = false;
2204 break;
2205 }
2206 }
2207 }
2208 return $deleted;
2209 }
ilRbacReview\isDeleted
isDeleted($a_node_id)
Checks if a rolefolder is set as deleted (negative tree_id) @access public.
Definition: class.ilRbacReview.php:1650
ilRbacReview\getFoldersAssignedToRole
getFoldersAssignedToRole($a_rol_id, $a_assignable=false)
Returns an array of objects assigned to a role.
Definition: class.ilRbacReview.php:1140

References getFoldersAssignedToRole(), and isDeleted().

+ Here is the call graph for this function:

◆ isSystemGeneratedRole()

ilRbacReview::isSystemGeneratedRole (   $a_role_id)

Check if the role is system generate role or role template.

Parameters
int$a_role_id
Returns
bool
Todo:
refactor rolf => DONE

Definition at line 2302 of file class.ilRbacReview.php.

2303 {
2304 $title = ilObject::_lookupTitle($a_role_id);
2305 return substr($title,0,3) == 'il_' ? true : false;
2306 }

References ilObject\_lookupTitle().

+ Here is the call graph for this function:

◆ lookupCreateOperationIds()

static ilRbacReview::lookupCreateOperationIds (   $a_type_arr)
static

Lookup operation ids.

Parameters
array$a_type_arre.g array('cat','crs','grp'). The operation name (e.g. 'create_cat') is generated automatically
Returns
array int Array with operation ids
Todo:
refactor rolf => DONE

Definition at line 1874 of file class.ilRbacReview.php.

1875 {
1876 global $ilDB;
1877
1878 $operations = array();
1879 foreach($a_type_arr as $type)
1880 {
1881 $operations[] = ('create_'.$type);
1882 }
1883
1884 if(!count($operations))
1885 {
1886 return array();
1887 }
1888
1889 $query = 'SELECT ops_id, operation FROM rbac_operations '.
1890 'WHERE '.$ilDB->in('operation',$operations,false,'text');
1891
1892 $res = $ilDB->query($query);
1893
1894 $ops_ids = array();
1895 while($row = $ilDB->fetchObject($res))
1896 {
1897 $type_arr = explode('_', $row->operation);
1898 $type = $type_arr[1];
1899
1900 $ops_ids[$type] = $row->ops_id;
1901 }
1902 return $ops_ids;
1903 }

References $ilDB, $query, $res, and $row.

Referenced by ilObjectXMLWriter\__appendOperations(), ilObjectRolePermissionTableGUI\parse(), ilObjectRoleTemplatePermissionTableGUI\parse(), ilPermissionGUI\savePermissions(), and ilObjStudyProgrammeTest\testCreatePermissionExists().

+ Here is the caller graph for this function:

◆ roleExists()

ilRbacReview::roleExists (   $a_title,
  $a_id = 0 
)

Checks if a role already exists.

Role title should be unique @access public

Parameters
stringrole title
integerobj_id of role to exclude in the check. Commonly this is the current role you want to edit
Returns
boolean true if exists
Todo:
refactor rolf => DONE

Definition at line 567 of file class.ilRbacReview.php.

568 {
569 global $ilDB;
570
571 if (empty($a_title))
572 {
573 $message = get_class($this)."::roleExists(): No title given!";
574 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
575 }
576
577 $clause = ($a_id) ? " AND obj_id != ".$ilDB->quote($a_id)." " : "";
578
579 $q = "SELECT DISTINCT(obj_id) obj_id FROM object_data ".
580 "WHERE title =".$ilDB->quote($a_title)." ".
581 "AND type IN('role','rolt')".
582 $clause." ";
583 $r = $this->ilDB->query($q);
584
585 while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
586 {
587 return $row->obj_id;
588 }
589 return false;
590 }

References $ilDB, $r, $row, DB_FETCHMODE_OBJECT, and ilDB\query().

+ Here is the call graph for this function:

◆ searchRolesByMailboxAddressList()

ilRbacReview::searchRolesByMailboxAddressList (   $a_address_list)

Finds all role ids that match the specified user friendly role mailbox address list.

The role mailbox name address list is an e-mail address list according to IETF RFC 822:

address list = role mailbox, {"," role mailbox } ; role mailbox = "#", local part, ["@" domain] ;

Examples: The following role mailbox names are all resolved to the role il_crs_member_123:

#Course.A #member@Course.A #il_crs_member_123@Course.A #il_crs_member_123 #il_crs_member_123@ilias

Examples: The following role mailbox names are all resolved to the role il_crs_member_345:

#member@[English Course] #il_crs_member_345@[English Course] #il_crs_member_345 #il_crs_member_345@ilias

If only the local part is specified, or if domain is equal to "ilias", ILIAS compares the title of role objects with local part. Only roles that are not in a trash folder are considered for the comparison.

If a domain is specified, and if the domain is not equal to "ilias", ILIAS compares the title of objects with the domain. Only objects that are not in a trash folder are considered for the comparison. Then ILIAS searches for local roles which contain the local part in their title. This allows for abbreviated role names, e.g. instead of having to specify #il_grp_member_345@MyGroup, it is sufficient to specify #member@MyGroup.

The address list may contain addresses thate are not role mailboxes. These addresses are ignored.

If a role mailbox address is ambiguous, this function returns the ID's of all role objects that are possible recipients for the role mailbox address.

If Pear Mail is not installed, then the mailbox address

@access public

Parameters
stringIETF RFX 822 address list containing role mailboxes.
Returns
int[] Array with role ids that were found
Todo:
refactor rolf

Definition at line 115 of file class.ilRbacReview.php.

116 {
117 global $ilDB;
118
119 $role_ids = array();
120
121 include_once "Services/Mail/classes/class.ilMail.php";
122 if(ilMail::_usePearMail())
123 {
124 require_once './Services/PEAR/lib/Mail/RFC822.php';
125 $parser = new Mail_RFC822();
126 $parsedList = $parser->parseAddressList($a_address_list, ilMail::ILIAS_HOST, false, true);
127 foreach ($parsedList as $address)
128 {
129 $local_part = $address->mailbox;
130 if (strpos($local_part,'#') !== 0 &&
131 !($local_part{0} == '"' && $local_part{1} == "#"))
132 {
133 // A local-part which doesn't start with a '#' doesn't denote a role.
134 // Therefore we can skip it.
135 continue;
136 }
137
138 $local_part = substr($local_part, 1);
139
140 /* If role contains spaces, eg. 'foo role', double quotes are added which have to be
141 removed here.*/
142 if( $local_part{0} == '#' && $local_part{strlen($local_part) - 1} == '"' )
143 {
144 $local_part = substr($local_part, 1);
145 $local_part = substr($local_part, 0, strlen($local_part) - 1);
146 }
147
148 if (substr($local_part,0,8) == 'il_role_')
149 {
150 $role_id = substr($local_part,8);
151 $query = "SELECT t.tree ".
152 "FROM rbac_fa fa ".
153 "JOIN tree t ON t.child = fa.parent ".
154 "WHERE fa.rol_id = ".$this->ilDB->quote($role_id,'integer')." ".
155 "AND fa.assign = 'y' ".
156 "AND t.tree = 1";
157 $r = $ilDB->query($query);
158 if ($r->numRows() > 0)
159 {
160 $role_ids[] = $role_id;
161 }
162 continue;
163 }
164
165
166 $domain = $address->host;
167 if (strpos($domain,'[') == 0 && strrpos($domain,']'))
168 {
169 $domain = substr($domain,1,strlen($domain) - 2);
170 }
171 if (strlen($local_part) == 0)
172 {
173 $local_part = $domain;
174 $address->host = ilMail::ILIAS_HOST;
175 $domain = ilMail::ILIAS_HOST;
176 }
177
178 if (strtolower($address->host) == ilMail::ILIAS_HOST)
179 {
180 // Search for roles = local-part in the whole repository
181 $query = "SELECT dat.obj_id ".
182 "FROM object_data dat ".
183 "JOIN rbac_fa fa ON fa.rol_id = dat.obj_id ".
184 "JOIN tree t ON t.child = fa.parent ".
185 "WHERE dat.title =".$this->ilDB->quote($local_part,'text')." ".
186 "AND dat.type = 'role' ".
187 "AND fa.assign = 'y' ".
188 "AND t.tree = 1";
189 }
190 else
191 {
192 // Search for roles like local-part in objects = host
193 $query = "SELECT rdat.obj_id ".
194 "FROM object_data odat ".
195 "JOIN object_reference oref ON oref.obj_id = odat.obj_id ".
196 "JOIN tree otree ON otree.child = oref.ref_id ".
197 "JOIN rbac_fa rfa ON rfa.parent = otree.child ".
198 "JOIN object_data rdat ON rdat.obj_id = rfa.rol_id ".
199 "WHERE odat.title = ".$this->ilDB->quote($domain,'text')." ".
200 "AND otree.tree = 1 ".
201 "AND rfa.assign = 'y' ".
202 "AND rdat.title LIKE ".
203 $this->ilDB->quote('%'.preg_replace('/([_%])/','\\\\$1',$local_part).'%','text');
204 }
205 $r = $ilDB->query($query);
206
207 $count = 0;
208 while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
209 {
210 $role_ids[] = $row->obj_id;
211 $count++;
212 }
213
214 // Nothing found?
215 // In this case, we search for roles = host.
216 if ($count == 0 && strtolower($address->host) == ilMail::ILIAS_HOST)
217 {
218 $q = "SELECT dat.obj_id ".
219 "FROM object_data dat ".
220 "JOIN object_reference ref ON ref.obj_id = dat.obj_id ".
221 "JOIN tree t ON t.child = ref.ref_id ".
222 "WHERE dat.title = ".$this->ilDB->quote($domain ,'text')." ".
223 "AND dat.type = 'role' ".
224 "AND t.tree = 1 ";
225 $r = $this->ilDB->query($q);
226
227 while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
228 {
229 $role_ids[] = $row->obj_id;
230 }
231 }
232 //echo '<br>ids='.var_export($role_ids,true);
233 }
234 }
235 else
236 {
237 // the following code is executed, when Pear Mail is
238 // not installed
239
240 $titles = explode(',', $a_address_list);
241
242 $titleList = '';
243 foreach ($titles as $title)
244 {
245 if (strlen($inList) > 0)
246 {
247 $titleList .= ',';
248 }
249 $title = trim($title);
250 if (strpos($title,'#') == 0)
251 {
252 $titleList .= $this->ilDB->quote(substr($title, 1));
253 }
254 }
255 if (strlen($titleList) > 0)
256 {
257 $q = "SELECT obj_id ".
258 "FROM object_data ".
259 "WHERE title IN (".$titleList.") ".
260 "AND type='role'";
261 $r = $this->ilDB->query($q);
262 while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
263 {
264 $role_ids[] = $row->obj_id;
265 }
266 }
267 }
268
269 return $role_ids;
270 }
ilDB\quote
quote($a_query, $a_type=null)
Wrapper for quote method.
Definition: class.ilDB.php:2342

References $ilDB, $query, $r, $row, DB_FETCHMODE_OBJECT, ilMail\ILIAS_HOST, ilDB\query(), and ilDB\quote().

+ Here is the call graph for this function:

◆ setAssignedCacheEntry()

ilRbacReview::setAssignedCacheEntry (   $a_role_id,
  $a_user_id,
  $a_value 
)

set entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id
bool$a_value

Definition at line 2382 of file class.ilRbacReview.php.

2383 {
2384 self::$is_assigned_cache[$a_role_id][$a_user_id] = $a_value;
2385 }

Field Documentation

◆ $_opsCache

ilRbacReview::$_opsCache = null
staticprivate

Definition at line 32 of file class.ilRbacReview.php.

◆ $assigned_roles

ilRbacReview::$assigned_roles = array()
protected

Definition at line 28 of file class.ilRbacReview.php.

◆ $assigned_users_cache

ilRbacReview::$assigned_users_cache = array()
staticprotected

Definition at line 37 of file class.ilRbacReview.php.

◆ $is_assigned_cache

ilRbacReview::$is_assigned_cache = array()
staticprotected

Definition at line 42 of file class.ilRbacReview.php.

◆ $log

ilRbacReview::$log = null

Definition at line 29 of file class.ilRbacReview.php.

Referenced by __setProtectedStatus(), and getRoleMailboxAddress().

◆ FILTER_ALL

const ilRbacReview::FILTER_ALL = 1

Definition at line 21 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_ALL_GLOBAL

const ilRbacReview::FILTER_ALL_GLOBAL = 2

Definition at line 22 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

◆ FILTER_ALL_LOCAL

const ilRbacReview::FILTER_ALL_LOCAL = 3

Definition at line 23 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

◆ FILTER_INTERNAL

const ilRbacReview::FILTER_INTERNAL = 4

Definition at line 24 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_NOT_INTERNAL

const ilRbacReview::FILTER_NOT_INTERNAL = 5

Definition at line 25 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

◆ FILTER_TEMPLATES

const ilRbacReview::FILTER_TEMPLATES = 6

Definition at line 26 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

The documentation for this class was generated from the following file: