ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilObjectPermissionStatusGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3
15class ilObjectPermissionStatusGUI
16{
18 var $user;
20 var $lng;
22 var $ilCtrl;
24 var $tpl;
26 var $object;
28 var $rbacreview;
29 var $user_roles;
30 var $global_roles;
31 var $valid_roles;
32 var $assigned_valid_roles;
33
34 const IMG_OK = 0;
35 const IMG_NOT_OK = 1;
36
37
42 public function __construct(&$a_obj)
43 {
44 global $ilCtrl,$lng,$rbacreview, $tpl;
45
46 $this->lng = $lng;
47 $this->ilCtrl = $ilCtrl;
48 $this->tpl = $tpl;
49 $this->object = $a_obj;
50 $this->rbacreview = $rbacreview;
51
52 $this->user = $this->getUser();
53 $this->user_roles = $rbacreview->assignedRoles($this->user->getId());
54 $this->global_roles = $rbacreview->getGlobalRoles();
55 $this->valid_roles = $rbacreview->getParentRoleIds($this->object->getRefId());
56 $this->assigned_valid_roles = $this->getAssignedValidRoles();
57
58 }
59
63 public function &executeCommand()
64 {
65 global $ilCtrl;
66
67 // determine next class in the call structure
68 $next_class = $this->ilCtrl->getNextClass($this);
69
70 switch($next_class)
71 {
72 case 'ilrepositorysearchgui':
73 include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
74 $rep_search =& new ilRepositorySearchGUI();
75 $this->ilCtrl->setReturn($this,'perminfo');
76 $this->ilCtrl->forwardCommand($rep_search);
77 break;
78
79 default:
80 $cmd = $this->ilCtrl->getCmd();
81 $this->$cmd();
82 break;
83 }
84 }
85
89 function perminfo()
90 {
91 $tpl = new ilTemplate("tpl.info_layout.html", false, false, "Services/AccessControl");
92
93 $tpl->setVariable("INFO_SUMMARY",$this->accessStatusInfo());
94 $tpl->setVariable("INFO_PERMISSIONS",$this->accessPermissionsTable());
95 $tpl->setVariable("INFO_ROLES",$this->availableRolesTable());
96 $tpl->setVariable("INFO_REMARK_INTERRUPTED",$this->lng->txt('info_remark_interrupted'));
97
98 $this->tpl->setVariable("ADM_CONTENT", $tpl->get());
99
100 $this->addToolbar();
101 }
102
106 function addToolbar()
107 {
108 global $ilToolbar;
109
110 $ilToolbar->setFormAction($this->ilCtrl->getFormAction($this, "perminfo"));
111
112 $ilToolbar->addText($this->lng->txt('user'));
113
114 include_once("./Services/Form/classes/class.ilTextInputGUI.php");
115
116 $login = new ilTextInputGUI($this->lng->txt("username"), "user_login");
117 $login->setDataSource($this->ilCtrl->getLinkTargetByClass(array(get_class($this),
118 'ilRepositorySearchGUI'), 'doUserAutoComplete', '', true));
119 $login->setSize(15);
120 $login->setValue($this->user->getLogin());
121
122 $ilToolbar->addInputItem($login);
123
124 $ilToolbar->addFormButton($this->lng->txt("info_change_user_view"), "perminfo");
125
126 //$ilToolbar->addText($lng->txt("info_enter_login_or_id"));
127 }
128
133 function accessStatusInfo()
134 {
135 include_once("./Services/InfoScreen/classes/class.ilInfoScreenGUI.php");
136
137 $info = new ilInfoScreenGUI(new stdClass());
138 $info->setFormAction($this->ilCtrl->getFormAction($this));
139
140 $info->addSection($this->lng->txt("info_access_and_status_info"));
141
142 foreach($this->getAccessStatusInfoData() as $data)
143 {
144 $info->addProperty($data[0], $data[1]);
145 }
146
147 return $info->getHTML();
148 }
149
154 function accessPermissionsTable()
155 {
156 include_once("./Services/AccessControl/classes/class.ilAccessPermissionsStatusTableGUI.php");
157
158 $table = new ilAccessPermissionsStatusTableGUI($this, "perminfo");
159
160 $table->setData($this->getAccessPermissionTableData());
161 $table->setTitle($this->lng->txt("info_access_permissions"));
162
163 return $table->getHTML();
164 }
165
170 function availableRolesTable()
171 {
172 include_once("./Services/AccessControl/classes/class.ilAvailableRolesStatusTableGUI.php");
173
174 $table = new ilAvailableRolesStatusTableGUI($this, "perminfo");
175
176 $table->setData($this->getAvailableRolesTableData());
177 $table->setTitle($this->lng->txt("info_available_roles"));
178
179 return $table->getHTML();
180 }
181
186 function getAssignedValidRoles()
187 {
188 include_once ('./Services/AccessControl/classes/class.ilObjRole.php');
189 $assigned_valid_roles = array();
190
191 foreach ($this->valid_roles as $role)
192 {
193 if (in_array($role['obj_id'],$this->user_roles))
194 {
195 if ($role["obj_id"] == SYSTEM_ROLE_ID)
196 {
197 // get all possible operation of current object
198 $ops_list = ilRbacReview::_getOperationList($this->object->getType());
199
200 foreach ($ops_list as $ops_data)
201 {
202 $ops[] = (int) $ops_data['ops_id'];
203 }
204
205 $role['ops'] = $ops;
206 }
207 else
208 {
209 $role['ops'] = $this->rbacreview->getRoleOperationsOnObject($role["obj_id"],$this->object->getRefId());
210 }
211
212 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
213 $role['translation'] = str_replace(" ","&nbsp;",ilObjRole::_getTranslation($role["title"]));
214 $assigned_valid_roles[] = $role;
215 }
216 }
217
218 $this->assigned_valid_roles = $assigned_valid_roles;
219
220 return $assigned_valid_roles;
221 }
222
228 function getCommands($a_type)
229 {
230 global $objDefinition;
231
232 $class = $objDefinition->getClassName($a_type);
233 $location = $objDefinition->getLocation($a_type);
234 $full_class = "ilObj".$class."Access";
235 include_once($location."/class.".$full_class.".php");
236
237 $cmds = call_user_func(array($full_class, "_getCommands"));
238
239 array_push($cmds,array('permission' => 'visible','cmd' => 'info'));
240
241 return $cmds;
242 }
243
248 function getUser()
249 {
250 global $ilUser;
251
252 if (!isset($_POST['user_login']))
253 {
254 $user =& $ilUser;
255 }
256 else
257 {
258 include_once('Services/User/classes/class.ilObjUser.php');
259 $user_id = ilObjUser::_lookupId($_POST['user_login']);
260
261 $factory = new ilObjectFactory();
262 $user = $factory->getInstanceByObjId($user_id,false);
263
264
265 if ($user === false or $user->getType() != 'usr')
266 {
267 $user =& $ilUser;
268 ilUtil::sendFailure($this->lng->txt('info_err_user_not_exist'));
269 }
270 else
271 {
272 ilUtil::sendInfo($this->lng->txt('info_user_view_changed'));
273 }
274 }
275
276 return $user;
277 }
278
283 function getAccessStatusInfoData()
284 {
285 global $ilAccess;
286 $infos = array();
287
288 $result_set[0][] = $this->lng->txt("info_view_of_user");
289 $result_set[0][] = $this->user->getFullname()." (#".$this->user->getId().")";
290
291 $assigned_valid_roles = array();
292
293 foreach ($this->getAssignedValidRoles() as $role)
294 {
295 $assigned_valid_roles[] = $role["translation"];
296 }
297
298 $roles_str = implode(", ",$assigned_valid_roles);
299
300 $result_set[1][] = $this->lng->txt("roles");
301 $result_set[1][] = $roles_str;
302
303 $result_set[2][] = $this->lng->txt("status");
304
305 $ilAccess->clear();
306 $ilAccess->checkAccessOfUser(
307 $this->user->getId(),
308 'read',
309 '',
310 $this->object->getRefId(),
311 $this->object->getType(),
312 $this->object->getId()
313 );
314
315 $infos = array_merge($infos,$ilAccess->getInfo());
316
317 $cmds = $this->getCommands($this->object->getType());
318
319 foreach ($cmds as $cmd)
320 {
321 $ilAccess->clear();
322 $ilAccess->doStatusCheck($cmd['permission'],$cmd['cmd'],$this->object->getRefId(),$this->user->getId(),$this->object->getId(),$this->object->getType());
323 $infos = array_merge($infos,$ilAccess->getInfo());
324 }
325
326 $alert = "il_ItemAlertProperty";
327 $okay = "il_ItemOkayProperty";
328 $text = "";
329
330 if (!$infos)
331 {
332 $text = "<span class=\"".$okay."\">".$this->lng->txt("access")."</span><br/> ";
333 }
334 else
335 {
336 foreach ($infos as $info)
337 {
338 switch ($info['type'])
339 {
340 case IL_STATUS_MESSAGE:
341 $text .= "<span class=\"".$okay."\">".$info['text']."</span><br/> ";
342 break;
343
344 case IL_NO_PARENT_ACCESS:
345 $factory = new ilObjectFactory();
346 $obj = $factory->getInstanceByRefId($info['data']);
347 $text .= "<span class=\"".$alert."\">".$info['text']." (".$this->lng->txt("obj_".$obj->getType())." #".$obj->getId().": ".$obj->getTitle().")</span><br/> ";
348 break;
349
350 default:
351 $text .= "<span class=\"".$alert."\">".$info['text']."</span><br/> ";
352 break;
353
354 }
355 }
356 }
357
358 $result_set[2][] = $text;
359
360 return $result_set;
361 }
362
367 function getAccessPermissionTableData()
368 {
369 global $ilAccess,$ilObjDataCache,$objDefinition;
370
371 // get all possible operation of current object
372 $ops_list = ilRbacReview::_getOperationList($this->object->getType());
373
374 $counter = 0;
375 $result_set = array();
376
377 // check permissions of user
378 foreach ($ops_list as $ops)
379 {
380 $access = $ilAccess->doRBACCheck($ops['operation'],"info",$this->object->getRefId(),$this->user->getId(),$this->object->getType());
381
382 $result_set[$counter]["img"] = $access ? self::IMG_OK : self::IMG_NOT_OK;
383
384 if (substr($ops['operation'], 0, 7) == "create_" &&
385 $objDefinition->isPlugin(substr($ops['operation'], 7)))
386 {
387 $result_set[$counter]["operation"] = ilPlugin::lookupTxt("rep_robj", substr($ops['operation'],7),
388 #$this->object->getType()."_".$ops['operation']);
389 'rbac_'.$ops['operation']);
390 }
391 else if ($objDefinition->isPlugin($this->object->getType()))
392 {
393 $result_set[$counter]["operation"] = ilPlugin::lookupTxt("rep_robj", $this->object->getType(),
394 $this->object->getType()."_".$ops['operation']);
395 }
396 elseif(substr($ops['operation'],0,7) == 'create_')
397 {
398 $result_set[$counter]["operation"] = $this->lng->txt('rbac_'.$ops['operation']);
399 }
400 else
401 {
402 $result_set[$counter]["operation"] = $this->lng->txt($this->object->getType()."_".$ops['operation']);
403 }
404
405 $list_role = "";
406
407 // Check ownership
408 if($this->user->getId() == $ilObjDataCache->lookupOwner($this->object->getId()))
409 {
410 if(
411 (substr($ops['operation'],0,7) != 'create_') and
412 ($ops['operation'] != 'edit_permission') and
413 ($ops['operation'] != 'edit_leanring_progress')
414 )
415 {
416 $list_role[] = $this->lng->txt('info_owner_of_object');
417 }
418 }
419 // get operations on object for each assigned role to user
420 foreach ($this->getAssignedValidRoles() as $role)
421 {
422 if (in_array($ops['ops_id'],$role['ops']))
423 {
424 $list_role[] = $role['translation'];
425 }
426 }
427
428 if (empty($list_role))
429 {
430 $list_role[] = $this->lng->txt('none');
431 }
432
433
434 $result_set[$counter]["role_ownership"] = $list_role;
435
436 ++$counter;
437 }
438
439 return $result_set;
440 }
441
446 function getAvailableRolesTableData()
447 {
448 global $tree;
449
450 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
451
452 $path = array_reverse($tree->getPathId($this->object->getRefId()));
453
454 include_once ('./Services/AccessControl/classes/class.ilObjRole.php');
455 $counter = 0;
456
457 foreach ($this->valid_roles as $role)
458 {
459 $result_set[$counter]["img"] = in_array($role['obj_id'],$this->user_roles) ? self::IMG_OK : self::IMG_NOT_OK;
460 $result_set[$counter]["role"] = str_replace(" ","&nbsp;",ilObjRole::_getTranslation($role["title"]));
461
462 if ($role['role_type'] != "linked")
463 {
464 $result_set[$counter]["effective_from"] = "";
465 }
466 else
467 {
468 $rolfs = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"]);
469
470 // ok, try to match the next rolf in path
471 foreach ($path as $node)
472 {
473 if ($node == 1)
474 {
475 break;
476 }
477
478
479 if (in_array($node,$rolfs))
480 {
481 $nodedata = $tree->getNodeData($node);
482 $result_set[$counter]["effective_from"] = $nodedata["title"];
483 $result_set[$counter]["effective_from_ref_id"] = $node;
484 break;
485 }
486 }
487 }
488
489 if (in_array($role['obj_id'],$this->global_roles))
490 {
491 $result_set[$counter]["original_position"] = $this->lng->txt("global");
492 $result_set[$counter]["original_position_ref_id"] = false;
493 }
494 else
495 {
496 $rolf = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"],true);
497 $parent_node = $tree->getNodeData($rolf[0]);
498 $result_set[$counter]["original_position"] = $parent_node["title"];
499 $result_set[$counter]["original_position_ref_id"] = $parent_node["ref_id"];
500 }
501
502 ++$counter;
503 }
504
505 return $result_set;
506 }
507}
$location
$location
Definition: buildRTE.php:44
IL_NO_PARENT_ACCESS
const IL_NO_PARENT_ACCESS
Definition: class.ilAccessInfo.php:27
ilAccessPermissionsStatusTableGUI
Table for Acces Permissons in Permission > Permission of User.
Definition: class.ilAccessPermissionsStatusTableGUI.php:14
ilAvailableRolesStatusTableGUI
Table for Available Roles in Permission > Permission of User.
Definition: class.ilAvailableRolesStatusTableGUI.php:14
ilCtrl
This class provides processing control methods.
Definition: class.ilCtrl.php:12
ilCtrl\getCmd
getCmd($a_default_cmd="", $a_safe_commands="")
Determines current get/post command.
Definition: class.ilCtrl.php:1037
ilCtrl\getFormAction
getFormAction(&$a_gui_obj, $a_fallback_cmd="", $a_anchor="", $a_asynch=false, $xml_style=true)
Get form action url for gui class object.
Definition: class.ilCtrl.php:1166
ilCtrl\getLinkTargetByClass
getLinkTargetByClass($a_class, $a_cmd="", $a_anchor="", $a_asynch=false, $xml_style=true)
Get link target for command using gui class name.
Definition: class.ilCtrl.php:1462
ilCtrl\getNextClass
getNextClass($a_gui_class=null)
Get next class in the control path from the current class to the target command class.
Definition: class.ilCtrl.php:858
ilCtrl\forwardCommand
& forwardCommand(&$a_gui_object)
Forward flow of control to next gui class this invokes the executeCommand() method of the gui object ...
Definition: class.ilCtrl.php:170
ilCtrl\setReturn
setReturn(&$a_gui_obj, $a_cmd)
Set return command.
Definition: class.ilCtrl.php:1497
ilInfoScreenGUI
Class ilInfoScreenGUI.
Definition: class.ilInfoScreenGUI.php:19
ilObjRole\_getTranslation
_getTranslation($a_role_title)
Definition: class.ilObjRole.php:508
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:824
ilObjectFactory
Class ilObjectFactory.
Definition: class.ilObjectFactory.php:21
ilObjectPermissionStatusGUI
This class displays the permission status of a user concerning a specific object.
Definition: class.ilObjectPermissionStatusGUI.php:16
ilObjectPermissionStatusGUI\__construct
__construct(&$a_obj)
Constructor @access public.
Definition: class.ilObjectPermissionStatusGUI.php:42
ilObjectPermissionStatusGUI\accessStatusInfo
accessStatusInfo()
Access- and Statusinformation Info.
Definition: class.ilObjectPermissionStatusGUI.php:133
ilObjectPermissionStatusGUI\accessPermissionsTable
accessPermissionsTable()
Access Permissions Table.
Definition: class.ilObjectPermissionStatusGUI.php:154
ilObjectPermissionStatusGUI\getAccessPermissionTableData
getAccessPermissionTableData()
Access Permissions Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:367
ilObjectPermissionStatusGUI\getAvailableRolesTableData
getAvailableRolesTableData()
Available Roles Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:446
ilPlugin\lookupTxt
static lookupTxt($a_mod_prefix, $a_pl_id, $a_lang_var)
Lookup language text.
Definition: class.ilPlugin.php:529
ilRbacReview\_getOperationList
static _getOperationList($a_type=null)
get operation list by object type @access public @access static
Definition: class.ilRbacReview.php:2066
ilTemplate
special template class to simplify handling of ITX/PEAR
Definition: class.ilTemplate.php:12
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:17
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4978
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4964
$_POST
$_POST['username']
Definition: cron.php:12
$data
$data
Definition: example_011.php:126
$text
$text
Definition: example_020.php:127
$info
$info
Definition: example_052.php:80
$cmd
$cmd
Definition: sahs_server.php:35
$path
$path
Definition: index.php:22
$ilUser
global $ilUser
Definition: imgupload.php:15