ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilObjectRolePermissionTableGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4include_once ('./Services/Table/classes/class.ilTable2GUI.php');
5include_once './Services/AccessControl/classes/class.ilPermissionGUI.php';
6
17{
18 const ROLE_FILTER_ALL = 1;
23
24 private $ref_id = null;
25 private $roles = array();
26
27 private $tree_path_ids = array();
28
29 private $activeOperations = array();
30 private $visible_roles = array();
31
36 public function __construct($a_parent_obj,$a_parent_cmd, $a_ref_id)
37 {
38 global $ilCtrl,$rbacreview,$tpl,$tree;
39
40 parent::__construct($a_parent_obj,$a_parent_cmd);
41
42 $this->lng->loadLanguageModule('rbac');
43
44 $this->ref_id = $a_ref_id;
45 $this->tree_path_ids = $tree->getPathId($this->ref_id);
46
47 $this->setId('objroleperm_'.$this->ref_id);
48
49 $tpl->addJavaScript('./Services/AccessControl/js/ilPermSelect.js');
50
51 $this->setTitle($this->lng->txt('permission_settings'));
52 $this->setEnableHeader(true);
53 $this->disable('sort');
54 $this->setFormAction($ilCtrl->getFormAction($a_parent_obj, $a_parent_cmd));
55 $this->disable('numinfo');
56 $this->setRowTemplate("tpl.obj_role_perm_row.html", "Services/AccessControl");
57 $this->setLimit(100);
58 $this->setShowRowsSelector(false);
59 $this->setDisableFilterHiding(true);
60 $this->setNoEntriesText($this->lng->txt('msg_no_roles_of_type'));
61
62 $this->addCommandButton('savePermissions', $this->lng->txt('save'));
63
64 $this->initFilter();
65 }
66
67
72 public function getPathIds()
73 {
74 return (array) $this->tree_path_ids;
75 }
76
81 public function getRefId()
82 {
83 return $this->ref_id;
84 }
85
90 public function getObjId()
91 {
92 return ilObject::_lookupObjId($this->getRefId());
93 }
94
99 public function getObjType()
100 {
101 return ilObject::_lookupType($this->getObjId());
102 }
103
109 public function addActiveOperation($a_ops_id)
110 {
111 $this->activeOperations[] = $a_ops_id;
112 }
113
118 public function getActiveOperations()
119 {
120 return (array) $this->activeOperations;
121 }
122
128 public function setVisibleRoles($a_ar)
129 {
130 $this->visible_roles = $a_ar;
131 }
132
137 public function getVisibleRoles()
138 {
140 }
141
146 public function initFilter()
147 {
148 global $tree;
149
151 'role',
153 );
154
155 // Limit filter to local roles only for objects with group or course in path
156 if(!$roles->getValue())
157 {
158 if ($tree->checkForParentType($this->getRefId(), 'crs') or
159 $tree->checkForParentType($this->getRefId(), 'grp'))
160 {
161 $roles->setValue(self::ROLE_FILTER_LOCAL);
162 }
163 else
164 {
165 $roles->setValue(self::ROLE_FILTER_ALL);
166 }
167 }
168
169
170 $roles->setOptions(
171 array(
172 self::ROLE_FILTER_ALL => $this->lng->txt('filter_all_roles'),
173 self::ROLE_FILTER_GLOBAL => $this->lng->txt('filter_global_roles'),
174 self::ROLE_FILTER_LOCAL => $this->lng->txt('filter_local_roles'),
175 self::ROLE_FILTER_LOCAL_POLICY => $this->lng->txt('filter_roles_local_policy'),
176 self::ROLE_FILTER_LOCAL_OBJECT => $this->lng->txt('filter_local_roles_object')
177 )
178 );
179
180 }
181
187 public function fillRow($row)
188 {
189 global $objDefinition;
190
191
192 // local policy
193 if(isset($row['show_local_policy_row']))
194 {
195 foreach($row['roles'] as $role_id => $role_info)
196 {
197 $this->tpl->setCurrentBlock('role_option');
198 $this->tpl->setVariable('INHERIT_ROLE_ID',$role_id);
199 $this->tpl->setVariable('INHERIT_CHECKED',$role_info['local_policy'] ? 'checked=checked' : '');
200 $this->tpl->setVariable('INHERIT_DISABLED',($role_info['protected'] or $role_info['isLocal'] or $role_info['blocked']) ? 'disabled="disabled"' : '');
201 $this->tpl->setVariable('TXT_INHERIT',$this->lng->txt('rbac_local_policy'));
202 $this->tpl->setVariable('INHERIT_LONG',$this->lng->txt('perm_use_local_policy_desc'));
203 $this->tpl->parseCurrentBlock();
204 }
205 return true;
206 }
207 // protected
208 if(isset($row['show_protected_row']))
209 {
210 foreach($row['roles'] as $role_id => $role_info)
211 {
212 $this->tpl->setCurrentBlock('role_protect');
213 $this->tpl->setVariable('PROTECT_ROLE_ID',$role_id);
214 $this->tpl->setVariable('PROTECT_CHECKED',$role_info['protected_status'] ? 'checked=checked' : '');
215 $this->tpl->setVariable('PROTECT_DISABLED',$role_info['protected_allowed'] ? '' : 'disabled="disabled"');
216 $this->tpl->setVariable('TXT_PROTECT',$this->lng->txt('role_protect_permissions'));
217 $this->tpl->setVariable('PROTECT_LONG',$this->lng->txt('role_protect_permissions_desc'));
218 $this->tpl->parseCurrentBlock();
219 }
220 return true;
221 }
222
223 // block role
224 if(isset($row['show_block_row']))
225 {
226 foreach($this->getVisibleRoles() as $counter => $role_info)
227 {
228 $this->tpl->setCurrentBlock('role_block');
229 $this->tpl->setVariable('BLOCK_ROLE_ID',$role_info['obj_id']);
230 $this->tpl->setVariable('TXT_BLOCK',$this->lng->txt('role_block_role'));
231 $this->tpl->setVariable('BLOCK_LONG',$this->lng->txt('role_block_role_desc'));
232 if($role_info['blocked'])
233 {
234 $this->tpl->setVariable('BLOCK_CHECKED','checked="checked"');
235 }
236 ilLoggerFactory::getLogger('ac')->debug(print_r($role_info,TRUE));
237 if(
238 ($role_info['protected'] == 'y') ||
239 ($role_info['assign'] == 'y' and ($role_info['parent'] == $this->getRefId()))
240 )
241 {
242 $this->tpl->setVariable('BLOCK_DISABLED','disabled="disabled');
243 }
244
245 $this->tpl->parseCurrentBlock();
246 }
247 return true;
248 }
249
250 // Select all
251 if(isset($row['show_select_all']))
252 {
253 foreach($this->getVisibleRoles() as $role)
254 {
255 $this->tpl->setCurrentBlock('role_select_all');
256 $this->tpl->setVariable('JS_ROLE_ID',$role['obj_id']);
257 $this->tpl->setVariable('JS_SUBID',$row['subtype']);
258 $this->tpl->setVariable('JS_ALL_PERMS',"['".implode("','",$row['ops'])."']");
259 $this->tpl->setVariable('JS_FORM_NAME',$this->getFormName());
260 $this->tpl->setVariable('TXT_SEL_ALL',$this->lng->txt('select_all'));
261 $this->tpl->parseCurrentBlock();
262 }
263 return true;
264 }
265
266 // Object permissions
267 if(isset($row['show_start_info']))
268 {
269 $this->tpl->setCurrentBlock('section_info');
270 $this->tpl->setVariable('SECTION_TITLE',$this->lng->txt('perm_class_object'));
271 $this->tpl->setVariable('SECTION_DESC',$this->lng->txt('perm_class_object_desc'));
272 $this->tpl->parseCurrentBlock();
273
274 return true;
275 }
276
277 if(isset($row['show_create_info']))
278 {
279 $this->tpl->setCurrentBlock('section_info');
280 $this->tpl->setVariable('SECTION_TITLE',$this->lng->txt('perm_class_create'));
281 $this->tpl->setVariable('SECTION_DESC',$this->lng->txt('perm_class_create_desc'));
282 $this->tpl->parseCurrentBlock();
283
284 return true;
285 }
286
287 foreach((array) $row['roles'] as $role_id => $role_info)
288 {
289 $this->tpl->setCurrentBlock('role_td');
290 $this->tpl->setVariable('PERM_ROLE_ID',$role_id);
291 $this->tpl->setVariable('PERM_PERM_ID',$row['perm']['ops_id']);
292
293
294 if(substr($row['perm']['operation'],0,6) == 'create')
295 {
296 if ($objDefinition->isPlugin(substr($row['perm']['operation'],7)))
297 {
298 $perm = ilPlugin::lookupTxt("rep_robj", substr($row['perm']['operation'],7),
299 "obj_".substr($row['perm']['operation'],7));
300 }
301 else
302 {
303 $perm = $this->lng->txt('obj_'.substr($row['perm']['operation'],7));
304 }
305 }
306 else
307 {
308 if($this->lng->exists($this->getObjType().'_'.$row['perm']['operation'].'_short'))
309 {
310 $perm = $this->lng->txt($this->getObjType().'_'.$row['perm']['operation'].'_short');
311 }
312 else
313 {
314 $perm = $this->lng->txt($row['perm']['operation']);
315 }
316 }
317
318 $this->tpl->setVariable('TXT_PERM',$perm);
319
320 if ($objDefinition->isPlugin($this->getObjType()))
321 {
322 $this->tpl->setVariable('PERM_LONG',ilPlugin::lookupTxt("rep_robj", $this->getObjType(),
323 $this->getObjType()."_".$row['perm']['operation']));
324 }
325 elseif(substr($row['perm']['operation'],0,6) == 'create')
326 {
327 $this->tpl->setVariable('PERM_LONG',$this->lng->txt('rbac_'.$row['perm']['operation']));
328 }
329 else
330 {
331 $this->tpl->setVariable('PERM_LONG',$this->lng->txt($this->getObjType().'_'.$row['perm']['operation']));
332 }
333
334 if($role_info['protected'] || $role_info['blocked'])
335 {
336 $this->tpl->setVariable('PERM_DISABLED','disabled="disabled"');
337 }
338 if($role_info['permission_set'])
339 {
340 $this->tpl->setVariable('PERM_CHECKED','checked="checked"');
341 }
342
343 $this->tpl->parseCurrentBlock();
344 }
345 }
346
347
352 public function parse()
353 {
354 global $rbacreview,$objDefinition;
355
356 $this->initColumns();
357
358 $perms = array();
359 $roles = array();
360
361 if(!count($this->getVisibleRoles()))
362 {
363 return $this->setData(array());
364 }
365
366 // Read operations of role
367 $operations = array();
368 foreach($this->getVisibleRoles() as $role_data)
369 {
370 $operations[$role_data['obj_id']] = $rbacreview->getActiveOperationsOfRole($this->getRefId(), $role_data['obj_id']);
371 }
372
373 $counter = 0;
374
375 // Local policy
377 {
378 $roles = array();
379 $local_roles = $rbacreview->getRolesOfObject($this->getRefId());
380 foreach($this->getVisibleRoles() as $role_id => $role_data)
381 {
382 $roles[$role_data['obj_id']] = array(
383 'blocked' => $role_data['blocked'],
384 'protected' => $role_data['protected'],
385 'local_policy' => in_array($role_data['obj_id'],$local_roles),
386 'isLocal' => ($this->getRefId() == $role_data['parent']) && $role_data['assign'] == 'y'
387 );
388 }
389 $perms[$counter]['roles'] = $roles;
390 $perms[$counter]['show_local_policy_row'] = 1;
391
392 $counter++;
393 }
394
395 // Protect permissions
397 {
398 $roles = array();
399 foreach($this->getVisibleRoles() as $role_id => $role_data)
400 {
401 $roles[$role_data['obj_id']] = array(
402 'blocked' => $role_data['blocked'],
403 'protected_allowed' => $rbacreview->isAssignable($role_data['obj_id'],$this->getRefId()),
404 'protected_status' => $rbacreview->isProtected($role_data['parent'], $role_data['obj_id']),
405 'isLocal' => ($this->getRefId() == $role_data['parent']) && $role_data['assign'] == 'y'
406 );
407 }
408 $perms[$counter]['roles'] = $roles;
409 $perms[$counter]['show_protected_row'] = 1;
410
411 $counter++;
412 }
413 // Block role
415 {
416 $perms[$counter++]['show_block_row'] = 1;
417 }
418
419
421 {
422 $perms[$counter++]['show_start_info'] = true;
423 }
424
425 // no creation permissions
426 $no_creation_operations = array();
427 foreach($rbacreview->getOperationsByTypeAndClass($this->getObjType(),'object') as $operation)
428 {
429 $this->addActiveOperation($operation);
430 $no_creation_operations[] = $operation;
431
432 $roles = array();
433 foreach($this->getVisibleRoles() as $role_data)
434 {
435 $roles[$role_data['obj_id']] =
436 array(
437 'blocked' => $role_data['blocked'],
438 'protected' => $role_data['protected'],
439 'permission_set' => in_array($operation,(array) $operations[$role_data['obj_id']]),
440 'isLocal' => ($this->getRefId() == $role_data['parent']) && $role_data['assign'] == 'y'
441 );
442 }
443
444 $op = $rbacreview->getOperation($operation);
445
446 $perms[$counter]['roles'] = $roles;
447 $perms[$counter]['perm'] = $op;
448 $counter++;
449
450 }
451
452 /*
453 * Select all
454 */
455 if($no_creation_operations)
456 {
457 $perms[$counter]['show_select_all'] = 1;
458 $perms[$counter]['ops'] = $no_creation_operations;
459 $perms[$counter]['subtype'] = 'nocreation';
460 $counter++;
461 }
462
463
464 if($objDefinition->isContainer($this->getObjType()))
465 {
466 $perms[$counter++]['show_create_info'] = true;
467 }
468
469 // Get creatable objects
470 $objects = $objDefinition->getCreatableSubObjects($this->getObjType());
471 $ops_ids = ilRbacReview::lookupCreateOperationIds(array_keys($objects));
472 $creation_operations = array();
473 foreach($objects as $type => $info)
474 {
475 $ops_id = $ops_ids[$type];
476
477 if(!$ops_id)
478 {
479 continue;
480 }
481
482 $this->addActiveOperation($ops_id);
483 $creation_operations[] = $ops_id;
484
485 $roles = array();
486 foreach($this->getVisibleRoles() as $role_data)
487 {
488 $roles[$role_data['obj_id']] =
489 array(
490 'blocked' => $role_data['blocked'],
491 'protected' => $role_data['protected'],
492 'permission_set' => in_array($ops_id,(array) $operations[$role_data['obj_id']]),
493 'isLocal' => ($this->getRefId() == $role_data['parent']) && $role_data['assign'] == 'y'
494
495 );
496 }
497
498 $op = $rbacreview->getOperation($ops_id);
499
500 $perms[$counter]['roles'] = $roles;
501 $perms[$counter]['perm'] = $op;
502 $counter++;
503
504 }
505
506
507
508 // Select all
509 if(count($creation_operations))
510 {
511 $perms[$counter]['show_select_all'] = 1;
512 $perms[$counter]['ops'] = $creation_operations;
513 $perms[$counter]['subtype'] = 'creation';
514 $counter++;
515 }
516
517 $this->setData($perms);
518 }
519
524 protected function initColumns()
525 {
526 global $rbacreview,$ilCtrl;
527
528 $roles = $rbacreview->getParentRoleIds($this->getRefId());
529 $roles = $this->getParentObject()->applyRoleFilter(
530 $roles,
531 $this->getFilterItemByPostVar('role')->getValue()
532 );
533
534 $possible_roles = array();
535 foreach($roles as $role)
536 {
537 if($rbacreview->isBlockedInUpperContext($role['obj_id'],$this->getRefId()))
538 {
539 ilLoggerFactory::getLogger('ac')->debug('Ignoring blocked role: ' . $role['obj_id']);
540 continue;
541 }
542 $possible_roles[] = $role;
543 }
544
545
546 if(count($possible_roles))
547 {
548 $column_width = 100/count($possible_roles);
549 $column_width .= '%';
550 }
551 else
552 {
553 $column_widht = "0%";
554 }
555
556 $all_roles = array();
557 foreach($possible_roles as $role)
558 {
559 if($role['obj_id'] == SYSTEM_ROLE_ID)
560 {
561 continue;
562 }
563
564 $role['blocked'] = (bool) $rbacreview->isBlockedAtPosition($role['obj_id'],$this->getRefId());
565 $role['role_type'] = $rbacreview->isGlobalRole($role['obj_id']) ? 'global' : 'local';
566
567 // TODO check filter
568 $this->addColumn(
569 $this->createTitle($role),
570 $role['obj_id'],
571 '',
572 '',
573 false,
574 $this->createTooltip($role)
575 );
576 $all_roles[] = $role;
577 }
578
579 $this->setVisibleRoles($all_roles);
580 return true;
581 }
582
588 protected function createTooltip($role)
589 {
590 global $rbacreview,$tree;
591
592 #vd($role);
593 $protected_status = $rbacreview->isProtected($role['parent'], $role['obj_id']) ? 'protected_' : '';
594 if($role['role_type'] == 'global')
595 {
596 $tp = $this->lng->txt('perm_'.$protected_status.'global_role');
597 }
598 else
599 {
600 $tp = $this->lng->txt('perm_'.$protected_status.'local_role');
601 }
602
603 $inheritance_seperator = ': ';
604
605 // Show create at info
606 if(
607 ($role['assign'] == 'y' and $role['role_type'] != 'global') or
608 ($role['assign'] == 'n' and $role['role_type'] != 'global')
609 )
610 {
611 $tp .= ': ';
612
613 $obj = $rbacreview->getObjectOfRole($role['obj_id']);
614 if($obj)
615 {
616 $tp .= sprintf(
617 $this->lng->txt('perm_role_path_info_created'),
618 $this->lng->txt('obj_'.ilObject::_lookupType($obj)),ilObject::_lookupTitle($obj)
619 );
620 $inheritance_seperator = ', ';
621 }
622 }
623
624 $path_hierarchy = $rbacreview->getObjectsWithStopedInheritance(
625 $role['obj_id'],
626 $tree->getPathId($this->getRefId())
627 );
628
629 $reduced_path_hierarchy = (array) array_diff(
630 $path_hierarchy,
631 array(
632 $this->getRefId(),
633 $rbacreview->getObjectReferenceOfRole($role['obj_id'])
634 )
635 );
636
637
638 // Inheritance
639 if($role['assign'] == 'n' and count($reduced_path_hierarchy))
640 {
641 $tp .= $inheritance_seperator;
642
643 $parent = end($reduced_path_hierarchy);
646 $tp .= sprintf($this->lng->txt('perm_role_path_info_inheritance'),$this->lng->txt('obj_'.$p_type),$p_title);
647 }
648
649 return $tp;
650 }
651
657 protected function createTitle($role)
658 {
659 global $ilCtrl;
660
661 include_once './Services/AccessControl/classes/class.ilObjRole.php';
662 $role['title'] = ilObjRole::_getTranslation($role['title']);
663
664 // No local policies
665 if($role['parent'] != $this->getRefId())
666 {
667 return $role['title'];
668 }
669 if($role['blocked'])
670 {
671 return $role['title'];
672 }
673 $ilCtrl->setParameterByClass('ilobjrolegui', 'obj_id', $role['obj_id']);
674
675 return '<a class="tblheader" href="'.$ilCtrl->getLinkTargetByClass('ilobjrolegui','').'" >'.$role['title'].'</a>';
676 }
677}
678?>
global $tpl
Definition: ilias.php:8
static getLogger($a_component_id)
Get component logger.
_getTranslation($a_role_title)
__construct($a_parent_obj, $a_parent_cmd, $a_ref_id)
Constructor.
addActiveOperation($a_ops_id)
Add active operation.
createTooltip($role)
Create a linked title for roles with local policy.
static _lookupObjId($a_id)
static _lookupTitle($a_id)
lookup object title
static _lookupType($a_id, $a_reference=false)
lookup object type
static hasContainerCommands($a_type)
Check if container commands are possible for the current object type.
static lookupTxt($a_mod_prefix, $a_pl_id, $a_lang_var)
Lookup language text.
static lookupCreateOperationIds($a_type_arr)
Lookup operation ids.
Class ilTable2GUI.
getFormName()
Get Form name.
setEnableHeader($a_enableheader)
Set Enable Header.
setDisableFilterHiding($a_val=true)
Set disable filter hiding.
addColumn($a_text, $a_sort_field="", $a_width="", $a_is_checkbox_action_column=false, $a_class="", $a_tooltip="", $a_tooltip_with_html=false)
Add a column to the header.
setShowRowsSelector($a_value)
Toggle rows-per-page selector.
getParentObject()
Get parent object.
setTitle($a_title, $a_icon=0, $a_icon_alt=0)
Set title and title icon.
setNoEntriesText($a_text)
Set text for an empty table.
setData($a_data)
set table data @access public
setRowTemplate($a_template, $a_template_dir="")
Set row template.
setLimit($a_limit=0, $a_default_limit=0)
set max.
getFilterItemByPostVar($a_post_var)
setId($a_val)
Set id.
setFormAction($a_form_action, $a_multipart=false)
Set Form action parameter.
addFilterItemByMetaType($id, $type=self::FILTER_TEXT, $a_optional=false, $caption=NULL)
Add filter by standard type.
addCommandButton($a_cmd, $a_text, $a_onclick='', $a_id="", $a_class=null)
Add Command button.
disable($a_module_name)
diesables particular modules of table
$info
Definition: example_052.php:80
global $ilCtrl
Definition: ilias.php:18