ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilObjectPermissionStatusGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
15 class ilObjectPermissionStatusGUI
16 {
18  var $user;
20  var $lng;
22  var $ilCtrl;
24  var $tpl;
26  var $object;
28  var $rbacreview;
29  var $user_roles;
30  var $global_roles;
31  var $valid_roles;
32  var $assigned_valid_roles;
33 
34  const IMG_OK = 0;
35  const IMG_NOT_OK = 1;
36 
37 
42  public function __construct(&$a_obj)
43  {
44  global $ilCtrl,$lng,$rbacreview, $tpl;
45 
46  $this->lng = $lng;
47  $this->ilCtrl = $ilCtrl;
48  $this->tpl = $tpl;
49  $this->object = $a_obj;
50  $this->rbacreview = $rbacreview;
51 
52  $this->user = $this->getUser();
53  $this->user_roles = $rbacreview->assignedRoles($this->user->getId());
54  $this->global_roles = $rbacreview->getGlobalRoles();
55  $this->valid_roles = $rbacreview->getParentRoleIds($this->object->getRefId());
56  $this->assigned_valid_roles = $this->getAssignedValidRoles();
57 
58  }
59 
63  public function &executeCommand()
64  {
65  global $ilCtrl;
66 
67  // determine next class in the call structure
68  $next_class = $this->ilCtrl->getNextClass($this);
69 
70  switch($next_class)
71  {
72  case 'ilrepositorysearchgui':
73  include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
74  $rep_search =& new ilRepositorySearchGUI();
75  $this->ilCtrl->setReturn($this,'perminfo');
76  $this->ilCtrl->forwardCommand($rep_search);
77  break;
78 
79  default:
80  $cmd = $this->ilCtrl->getCmd();
81  $this->$cmd();
82  break;
83  }
84  }
85 
89  function perminfo()
90  {
91  $tpl = new ilTemplate("tpl.info_layout.html", false, false, "Services/AccessControl");
92 
93  $tpl->setVariable("INFO_SUMMARY",$this->accessStatusInfo());
94  $tpl->setVariable("INFO_PERMISSIONS",$this->accessPermissionsTable());
95  $tpl->setVariable("INFO_ROLES",$this->availableRolesTable());
96  $tpl->setVariable("INFO_REMARK_INTERRUPTED",$this->lng->txt('info_remark_interrupted'));
97 
98  $this->tpl->setVariable("ADM_CONTENT", $tpl->get());
99 
100  $this->addToolbar();
101  }
102 
106  function addToolbar()
107  {
108  global $ilToolbar;
109 
110  $ilToolbar->setFormAction($this->ilCtrl->getFormAction($this, "perminfo"));
111 
112  $ilToolbar->addText($this->lng->txt('user'));
113 
114  include_once("./Services/Form/classes/class.ilTextInputGUI.php");
115 
116  $login = new ilTextInputGUI($this->lng->txt("username"), "user_login");
117  $login->setDataSource($this->ilCtrl->getLinkTargetByClass(array(get_class($this),
118  'ilRepositorySearchGUI'), 'doUserAutoComplete', '', true));
119  $login->setSize(15);
120  $login->setValue($this->user->getLogin());
121 
122  $ilToolbar->addInputItem($login);
123 
124  $ilToolbar->addFormButton($this->lng->txt("info_change_user_view"), "perminfo");
125 
126  //$ilToolbar->addText($lng->txt("info_enter_login_or_id"));
127  }
128 
133  function accessStatusInfo()
134  {
135  include_once("./Services/InfoScreen/classes/class.ilInfoScreenGUI.php");
136 
137  $info = new ilInfoScreenGUI(new stdClass());
138  $info->setFormAction($this->ilCtrl->getFormAction($this));
139 
140  $info->addSection($this->lng->txt("info_access_and_status_info"));
141 
142  foreach($this->getAccessStatusInfoData() as $data)
143  {
144  $info->addProperty($data[0], $data[1]);
145  }
146 
147  return $info->getHTML();
148  }
149 
154  function accessPermissionsTable()
155  {
156  include_once("./Services/AccessControl/classes/class.ilAccessPermissionsStatusTableGUI.php");
157 
158  $table = new ilAccessPermissionsStatusTableGUI($this, "perminfo");
159 
160  $table->setData($this->getAccessPermissionTableData());
161  $table->setTitle($this->lng->txt("info_access_permissions"));
162 
163  return $table->getHTML();
164  }
165 
170  function availableRolesTable()
171  {
172  include_once("./Services/AccessControl/classes/class.ilAvailableRolesStatusTableGUI.php");
173 
174  $table = new ilAvailableRolesStatusTableGUI($this, "perminfo");
175 
176  $table->setData($this->getAvailableRolesTableData());
177  $table->setTitle($this->lng->txt("info_available_roles"));
178 
179  return $table->getHTML();
180  }
181 
186  function getAssignedValidRoles()
187  {
188  include_once ('./Services/AccessControl/classes/class.ilObjRole.php');
189  $assigned_valid_roles = array();
190 
191  foreach ($this->valid_roles as $role)
192  {
193  if (in_array($role['obj_id'],$this->user_roles))
194  {
195  if ($role["obj_id"] == SYSTEM_ROLE_ID)
196  {
197  // get all possible operation of current object
198  $ops_list = ilRbacReview::_getOperationList($this->object->getType());
199 
200  foreach ($ops_list as $ops_data)
201  {
202  $ops[] = (int) $ops_data['ops_id'];
203  }
204 
205  $role['ops'] = $ops;
206  }
207  else
208  {
209  $role['ops'] = $this->rbacreview->getRoleOperationsOnObject($role["obj_id"],$this->object->getRefId());
210  }
211 
212  include_once('./Services/AccessControl/classes/class.ilObjRole.php');
213  $role['translation'] = str_replace(" ","&nbsp;",ilObjRole::_getTranslation($role["title"]));
214  $assigned_valid_roles[] = $role;
215  }
216  }
217 
218  $this->assigned_valid_roles = $assigned_valid_roles;
219 
220  return $assigned_valid_roles;
221  }
222 
228  function getCommands($a_type)
229  {
230  global $objDefinition;
231 
232  $class = $objDefinition->getClassName($a_type);
233  $location = $objDefinition->getLocation($a_type);
234  $full_class = "ilObj".$class."Access";
235  include_once($location."/class.".$full_class.".php");
236 
237  $cmds = call_user_func(array($full_class, "_getCommands"));
238 
239  array_push($cmds,array('permission' => 'visible','cmd' => 'info'));
240 
241  return $cmds;
242  }
243 
248  function getUser()
249  {
250  global $ilUser;
251 
252  if (!isset($_POST['user_login']))
253  {
254  $user =& $ilUser;
255  }
256  else
257  {
258  include_once('Services/User/classes/class.ilObjUser.php');
259  $user_id = ilObjUser::_lookupId($_POST['user_login']);
260 
261  $factory = new ilObjectFactory();
262  $user = $factory->getInstanceByObjId($user_id,false);
263 
264 
265  if ($user === false or $user->getType() != 'usr')
266  {
267  $user =& $ilUser;
268  ilUtil::sendFailure($this->lng->txt('info_err_user_not_exist'));
269  }
270  else
271  {
272  ilUtil::sendInfo($this->lng->txt('info_user_view_changed'));
273  }
274  }
275 
276  return $user;
277  }
278 
283  function getAccessStatusInfoData()
284  {
285  global $ilAccess;
286  $infos = array();
287 
288  $result_set[0][] = $this->lng->txt("info_view_of_user");
289  $result_set[0][] = $this->user->getFullname()." (#".$this->user->getId().")";
290 
291  $assigned_valid_roles = array();
292 
293  foreach ($this->getAssignedValidRoles() as $role)
294  {
295  $assigned_valid_roles[] = $role["translation"];
296  }
297 
298  $roles_str = implode(", ",$assigned_valid_roles);
299 
300  $result_set[1][] = $this->lng->txt("roles");
301  $result_set[1][] = $roles_str;
302 
303  $result_set[2][] = $this->lng->txt("status");
304 
305  $ilAccess->clear();
306  $ilAccess->checkAccessOfUser(
307  $this->user->getId(),
308  'read',
309  '',
310  $this->object->getRefId(),
311  $this->object->getType(),
312  $this->object->getId()
313  );
314 
315  $infos = array_merge($infos,$ilAccess->getInfo());
316 
317  $cmds = $this->getCommands($this->object->getType());
318 
319  foreach ($cmds as $cmd)
320  {
321  $ilAccess->clear();
322  $ilAccess->doStatusCheck($cmd['permission'],$cmd['cmd'],$this->object->getRefId(),$this->user->getId(),$this->object->getId(),$this->object->getType());
323  $infos = array_merge($infos,$ilAccess->getInfo());
324  }
325 
326  $alert = "il_ItemAlertProperty";
327  $okay = "il_ItemOkayProperty";
328  $text = "";
329 
330  if (!$infos)
331  {
332  $text = "<span class=\"".$okay."\">".$this->lng->txt("access")."</span><br/> ";
333  }
334  else
335  {
336  foreach ($infos as $info)
337  {
338  switch ($info['type'])
339  {
340  case IL_STATUS_MESSAGE:
341  $text .= "<span class=\"".$okay."\">".$info['text']."</span><br/> ";
342  break;
343 
344  case IL_NO_PARENT_ACCESS:
345  $factory = new ilObjectFactory();
346  $obj = $factory->getInstanceByRefId($info['data']);
347  $text .= "<span class=\"".$alert."\">".$info['text']." (".$this->lng->txt("obj_".$obj->getType())." #".$obj->getId().": ".$obj->getTitle().")</span><br/> ";
348  break;
349 
350  default:
351  $text .= "<span class=\"".$alert."\">".$info['text']."</span><br/> ";
352  break;
353 
354  }
355  }
356  }
357 
358  $result_set[2][] = $text;
359 
360  return $result_set;
361  }
362 
367  function getAccessPermissionTableData()
368  {
369  global $ilAccess,$ilObjDataCache,$objDefinition;
370 
371  // get all possible operation of current object
372  $ops_list = ilRbacReview::_getOperationList($this->object->getType());
373 
374  $counter = 0;
375  $result_set = array();
376 
377  // check permissions of user
378  foreach ($ops_list as $ops)
379  {
380  $access = $ilAccess->doRBACCheck($ops['operation'],"info",$this->object->getRefId(),$this->user->getId(),$this->object->getType());
381 
382  $result_set[$counter]["img"] = $access ? self::IMG_OK : self::IMG_NOT_OK;
383 
384  if (substr($ops['operation'], 0, 7) == "create_" &&
385  $objDefinition->isPlugin(substr($ops['operation'], 7)))
386  {
387  $result_set[$counter]["operation"] = ilPlugin::lookupTxt("rep_robj", substr($ops['operation'],7),
388  #$this->object->getType()."_".$ops['operation']);
389  'rbac_'.$ops['operation']);
390  }
391  else if ($objDefinition->isPlugin($this->object->getType()))
392  {
393  $result_set[$counter]["operation"] = ilPlugin::lookupTxt("rep_robj", $this->object->getType(),
394  $this->object->getType()."_".$ops['operation']);
395  }
396  elseif(substr($ops['operation'],0,7) == 'create_')
397  {
398  $result_set[$counter]["operation"] = $this->lng->txt('rbac_'.$ops['operation']);
399  }
400  else
401  {
402  $result_set[$counter]["operation"] = $this->lng->txt($this->object->getType()."_".$ops['operation']);
403  }
404 
405  $list_role = "";
406 
407  // Check ownership
408  if($this->user->getId() == $ilObjDataCache->lookupOwner($this->object->getId()))
409  {
410  if(
411  (substr($ops['operation'],0,7) != 'create_') and
412  ($ops['operation'] != 'edit_permission') and
413  ($ops['operation'] != 'edit_leanring_progress')
414  )
415  {
416  $list_role[] = $this->lng->txt('info_owner_of_object');
417  }
418  }
419  // get operations on object for each assigned role to user
420  foreach ($this->getAssignedValidRoles() as $role)
421  {
422  if (in_array($ops['ops_id'],$role['ops']))
423  {
424  $list_role[] = $role['translation'];
425  }
426  }
427 
428  if (empty($list_role))
429  {
430  $list_role[] = $this->lng->txt('none');
431  }
432 
433 
434  $result_set[$counter]["role_ownership"] = $list_role;
435 
436  ++$counter;
437  }
438 
439  return $result_set;
440  }
441 
446  function getAvailableRolesTableData()
447  {
448  global $tree;
449 
450  include_once('./Services/AccessControl/classes/class.ilObjRole.php');
451 
452  $path = array_reverse($tree->getPathId($this->object->getRefId()));
453 
454  include_once ('./Services/AccessControl/classes/class.ilObjRole.php');
455  $counter = 0;
456 
457  foreach ($this->valid_roles as $role)
458  {
459  $result_set[$counter]["img"] = in_array($role['obj_id'],$this->user_roles) ? self::IMG_OK : self::IMG_NOT_OK;
460  $result_set[$counter]["role"] = str_replace(" ","&nbsp;",ilObjRole::_getTranslation($role["title"]));
461 
462  if ($role['role_type'] != "linked")
463  {
464  $result_set[$counter]["effective_from"] = "";
465  }
466  else
467  {
468  $rolfs = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"]);
469 
470  // ok, try to match the next rolf in path
471  foreach ($path as $node)
472  {
473  if ($node == 1)
474  {
475  break;
476  }
477 
478 
479  if (in_array($node,$rolfs))
480  {
481  $nodedata = $tree->getNodeData($node);
482  $result_set[$counter]["effective_from"] = $nodedata["title"];
483  $result_set[$counter]["effective_from_ref_id"] = $node;
484  break;
485  }
486  }
487  }
488 
489  if (in_array($role['obj_id'],$this->global_roles))
490  {
491  $result_set[$counter]["original_position"] = $this->lng->txt("global");
492  $result_set[$counter]["original_position_ref_id"] = false;
493  }
494  else
495  {
496  $rolf = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"],true);
497  $parent_node = $tree->getNodeData($rolf[0]);
498  $result_set[$counter]["original_position"] = $parent_node["title"];
499  $result_set[$counter]["original_position_ref_id"] = $parent_node["ref_id"];
500  }
501 
502  ++$counter;
503  }
504 
505  return $result_set;
506  }
507 }
ilObjectPermissionStatusGUI\getAvailableRolesTableData
getAvailableRolesTableData()
Available Roles Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:446
ilObjectPermissionStatusGUI\getAccessStatusInfoData
getAccessStatusInfoData()
Access Status Info Data.
Definition: class.ilObjectPermissionStatusGUI.php:283
ilCtrl
This class provides processing control methods.
Definition: class.ilCtrl.php:11
ilTextInputGUI\setDataSource
setDataSource($href, $a_delimiter=null)
set datasource link for js autocomplete
Definition: class.ilTextInputGUI.php:346
ilInfoScreenGUI
Class ilInfoScreenGUI.
Definition: class.ilInfoScreenGUI.php:18
ilObjectFactory
Class ilObjectFactory.
Definition: class.ilObjectFactory.php:20
$_POST
$_POST['username']
Definition: cron.php:12
$location
$location
Definition: buildRTE.php:44
ilObjRole\_getTranslation
_getTranslation($a_role_title)
Definition: class.ilObjRole.php:508
ilAccessPermissionsStatusTableGUI
Table for Acces Permissons in Permission > Permission of User.
Definition: class.ilAccessPermissionsStatusTableGUI.php:13
$cmd
$cmd
Definition: sahs_server.php:35
ilRbacReview\_getOperationList
static _getOperationList($a_type=null)
get operation list by object type public static
Definition: class.ilRbacReview.php:2066
ilCtrl\getLinkTargetByClass
getLinkTargetByClass($a_class, $a_cmd="", $a_anchor="", $a_asynch=false, $xml_style=true)
Get link target for command using gui class name.
Definition: class.ilCtrl.php:1462
IL_NO_PARENT_ACCESS
const IL_NO_PARENT_ACCESS
Definition: class.ilAccessInfo.php:27
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:824
ilObjectPermissionStatusGUI\getAccessPermissionTableData
getAccessPermissionTableData()
Access Permissions Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:367
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4964
$info
$info
Definition: example_052.php:80
ilPlugin\lookupTxt
static lookupTxt($a_mod_prefix, $a_pl_id, $a_lang_var)
Lookup language text.
Definition: class.ilPlugin.php:529
ilCtrl\getNextClass
getNextClass($a_gui_class=null)
Get next class in the control path from the current class to the target command class.
Definition: class.ilCtrl.php:858
$data
$data
Definition: example_011.php:126
ilObjectPermissionStatusGUI\accessStatusInfo
accessStatusInfo()
Access- and Statusinformation Info.
Definition: class.ilObjectPermissionStatusGUI.php:133
ilCtrl\setReturn
setReturn(&$a_gui_obj, $a_cmd)
Set return command.
Definition: class.ilCtrl.php:1497
ilCtrl\getCmd
getCmd($a_default_cmd="", $a_safe_commands="")
Determines current get/post command.
Definition: class.ilCtrl.php:1037
ilTemplate
special template class to simplify handling of ITX/PEAR
Definition: class.ilTemplate.php:11
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilObjectPermissionStatusGUI\accessPermissionsTable
accessPermissionsTable()
Access Permissions Table.
Definition: class.ilObjectPermissionStatusGUI.php:154
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4978
ilCtrl\getFormAction
getFormAction(&$a_gui_obj, $a_fallback_cmd="", $a_anchor="", $a_asynch=false, $xml_style=true)
Get form action url for gui class object.
Definition: class.ilCtrl.php:1166
$ilUser
global $ilUser
Definition: imgupload.php:15
$path
$path
Definition: index.php:22
$text
$text
Definition: example_020.php:127
ilAvailableRolesStatusTableGUI
Table for Available Roles in Permission > Permission of User.
Definition: class.ilAvailableRolesStatusTableGUI.php:13
ilObjectPermissionStatusGUI
This class displays the permission status of a user concerning a specific object. ...
Definition: class.ilObjectPermissionStatusGUI.php:15
ilObjectPermissionStatusGUI\getAssignedValidRoles
getAssignedValidRoles()
get Assigned Valid Roles
Definition: class.ilObjectPermissionStatusGUI.php:186
ilCtrl\forwardCommand
& forwardCommand(&$a_gui_object)
Forward flow of control to next gui class this invokes the executeCommand() method of the gui object ...
Definition: class.ilCtrl.php:170