ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
Public Member Functions | Private Member Functions
ilSoapRBACAdministration Class Reference
+ Inheritance diagram for ilSoapRBACAdministration:
+ Collaboration diagram for ilSoapRBACAdministration:

Public Member Functions

 ilSoapRBACAdministration ()
 
 deleteRole ($sid, $role_id)
 
 addUserRoleEntry ($sid, $user_id, $role_id)
 
 deleteUserRoleEntry ($sid, $user_id, $role_id)
 
 getOperations ($sid)
 
 revokePermissions ($sid, $ref_id, $role_id)
 
 grantPermissions ($sid, $ref_id, $role_id, $permissions)
 
 getLocalRoles ($sid, $ref_id)
 
 getUserRoles ($sid, $user_id)
 
 addRole ($sid, $target_id, $role_xml)
 
 addRoleFromTemplate ($sid, $target_id, $role_xml, $template_id)
 
 getObjectTreeOperations ($sid, $ref_id, $user_id)
 
 getRoles ($sid, $role_type, $id)
 get roles for a specific type and id More...
 
 searchRoles ($sid, $key, $combination, $role_type)
 search for roles. More...
 
- Public Member Functions inherited from ilSoapAdministration
 ilSoapAdministration ($use_nusoap=true)
 
 initErrorWriter ()
 Overwrite error handler. More...
 
 __explodeSid ($sid)
 
 __setMessage ($a_str)
 
 __getMessage ()
 
 __appendMessage ($a_str)
 
 __setMessageCode ($a_code)
 
 __getMessageCode ()
 
 initAuth ($sid)
 
 initIlias ()
 
 __initAuthenticationObject ($a_auth_mode=AUTH_LOCAL)
 
 __raiseError ($a_message, $a_code)
 
 getNIC ($sid)
 get client information from current as xml result set More...
 
 isFault ($object)
 
 checkObjectAccess ($ref_id, $expected_type, $permission, $returnObject=false)
 check access for ref id: expected type, permission, return object instance if returnobject is true More...
 
 getInstallationInfoXML ()
 
 getClientInfoXML ($clientid)
 

Private Member Functions

 parseUserID ($id, $role_type)
 

Additional Inherited Members

- Static Public Member Functions inherited from ilSoapAdministration
static return_bytes ($val)
 calculate bytes from K,M,G modifiers e.g: 8M = 8 * 1024 * 1024 bytes More...
 
- Data Fields inherited from ilSoapAdministration
 $sauth = null
 
 $error_method = null
 
- Protected Attributes inherited from ilSoapAdministration
 $soap_check = true
 

Detailed Description

Definition at line 35 of file class.ilSoapRBACAdministration.php.

Member Function Documentation

◆ addRole()

ilSoapRBACAdministration::addRole (   $sid,
  $target_id,
  $role_xml 
)

Definition at line 349 of file class.ilSoapRBACAdministration.php.

References $GLOBALS, $target_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObject\_isInTrash(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

350  {
351  $this->initAuth($sid);
352  $this->initIlias();
353 
354  if(!$this->__checkSession($sid))
355  {
356  return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
357  }
358 
359  global $rbacreview, $objDefinition, $rbacsystem,$ilAccess;
360 
361  if(!$tmp_obj =& ilObjectFactory::getInstanceByRefId($target_id,false))
362  {
363  return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object',
364  'Client');
365  }
366 
367  if(ilObject::_isInTrash($target_id))
368  {
369  return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
370  }
371 
372  if(!$ilAccess->checkAccess('edit_permission','',$target_id))
373  {
374  return $this->__raiseError('Check access failed. No permission to create roles','Server');
375  }
376 
377  include_once 'webservice/soap/classes/class.ilObjectXMLParser.php';
378 
379  $xml_parser =& new ilObjectXMLParser($role_xml);
380  $xml_parser->startParsing();
381 
382  foreach($xml_parser->getObjectData() as $object_data)
383  {
384 
385  // check if role title has il_ prefix
386  if(substr($object_data['title'],0,3) == "il_")
387  {
388  return $this->__raiseError('Rolenames are not allowed to start with "il_" ',
389  'Client');
390  }
391 
392  include_once './Services/AccessControl/classes/class.ilObjRole.php';
393  $role = new ilObjRole();
394  $role->setTitle($object_data['title']);
395  $role->setDescription($object_data['description']);
396  $role->setImportId($object_data['import_id']);
397  $role->create();
398 
399  $GLOBALS['rbacadmin']->assignRoleToFolder($role->getId(),$target_id);
400  $new_roles[] = $role->getId();
401  }
402 
403  return $new_roles ? $new_roles : array();
404  }
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:15
ilObjectFactory\getInstanceByRefId
getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:143
$target_id
$target_id
Definition: goto.php:88
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
ilObject\_isInTrash
_isInTrash($a_ref_id)
checks wether object is in trash
Definition: class.ilObject.php:1210
$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276
+ Here is the call graph for this function:

◆ addRoleFromTemplate()

ilSoapRBACAdministration::addRoleFromTemplate (   $sid,
  $target_id,
  $role_xml,
  $template_id 
)

Definition at line 406 of file class.ilSoapRBACAdministration.php.

References $GLOBALS, $target_id, $template_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObject\_isInTrash(), ilObject\_lookupType(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

407  {
408  $this->initAuth($sid);
409  $this->initIlias();
410 
411  if(!$this->__checkSession($sid))
412  {
413  return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
414  }
415 
416  global $rbacreview, $objDefinition, $rbacsystem, $rbacadmin,$ilAccess;
417 
418  if(!$tmp_obj =& ilObjectFactory::getInstanceByRefId($target_id,false))
419  {
420  return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object',
421  'Client');
422  }
423  if(ilObject::_lookupType($template_id) != 'rolt')
424  {
425  return $this->__raiseError('No valid template id given. Please choose an existing object id of an ILIAS role template',
426  'Client');
427  }
428 
429 
430  if(ilObject::_isInTrash($target_id))
431  {
432  return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
433  }
434 
435  if(!$ilAccess->checkAccess('edit_permission','',$target_id))
436  {
437  return $this->__raiseError('Check access failed. No permission to create roles','Server');
438  }
439 
440 
441  include_once 'webservice/soap/classes/class.ilObjectXMLParser.php';
442 
443  $xml_parser =& new ilObjectXMLParser($role_xml);
444  $xml_parser->startParsing();
445 
446  foreach($xml_parser->getObjectData() as $object_data)
447  {
448 
449  // check if role title has il_ prefix
450  if(substr($object_data['title'],0,3) == "il_")
451  {
452  return $this->__raiseError('Rolenames are not allowed to start with "il_" ',
453  'Client');
454  }
455 
456  include_once './Services/AccessControl/classes/class.ilObjRole.php';
457  $role = new ilObjRole();
458  $role->setTitle($object_data['title']);
459  $role->setDescription($object_data['description']);
460  $role->setImportId($object_data['import_id']);
461  $role->create();
462 
463  $GLOBALS['rbacadmin']->assignRoleToFolder($role->getId(),$target_id);
464 
465  // Copy permssions
466  $rbacadmin->copyRoleTemplatePermissions($template_id,ROLE_FOLDER_ID,$target_id,$role->getId());
467 
468  // Set object permissions according to role template
469  $ops = $rbacreview->getOperationsOfRole($role->getId(),$tmp_obj->getType(),$target_id);
470  $rbacadmin->grantPermission($role->getId(),$ops,$target_id);
471  $new_roles[] = $role->getId();
472  }
473 
474 
475  // CREATE ADMIN ROLE
476 
477 
478 
479 
480 
481  return $new_roles ? $new_roles : array();
482  }
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:15
$template_id
$template_id
Definition: example_062.php:89
ilObjectFactory\getInstanceByRefId
getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:143
$target_id
$target_id
Definition: goto.php:88
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
ilObject\_isInTrash
_isInTrash($a_ref_id)
checks wether object is in trash
Definition: class.ilObject.php:1210
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1196
$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276
+ Here is the call graph for this function:

◆ addUserRoleEntry()

ilSoapRBACAdministration::addUserRoleEntry (   $sid,
  $user_id,
  $role_id 
)

Definition at line 86 of file class.ilSoapRBACAdministration.php.

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

87  {
88  $this->initAuth($sid);
89  $this->initIlias();
90 
91  if(!$this->__checkSession($sid))
92  {
93  return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
94  }
95 
96  global $rbacadmin,$rbacreview,$ilAccess;
97 
98  if($tmp_user =& ilObjectFactory::getInstanceByObjId($user_id) and $tmp_user->getType() != 'usr')
99  {
100  return $this->__raiseError('No valid user id given. Please choose an existing id of an ILIAS user',
101  'Client');
102  }
103  if($tmp_role =& ilObjectFactory::getInstanceByObjId($role_id) and $tmp_role->getType() != 'role')
104  {
105  return $this->__raiseError('No valid role id given. Please choose an existing id of an ILIAS role',
106  'Client');
107  }
108 
109  $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
110  if(!$ilAccess->checkAccess('edit_permission','',$obj_ref))
111  {
112  return $this->__raiseError('Check access failed. No permission to assign users','Server');
113  }
114 
115  if(!$rbacadmin->assignUser($role_id,$user_id))
116  {
117  return $this->__raiseError('Error rbacadmin->assignUser()',
118  'Server');
119  }
120  return true;
121  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
ilObjectFactory\getInstanceByObjId
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:72
+ Here is the call graph for this function:

◆ deleteRole()

ilSoapRBACAdministration::deleteRole (   $sid,
  $role_id 
)

Definition at line 43 of file class.ilSoapRBACAdministration.php.

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

44  {
45  $this->initAuth($sid);
46  $this->initIlias();
47 
48  if(!$this->__checkSession($sid))
49  {
50  return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
51  }
52 
53  global $rbacreview, $rbacsystem,$ilAccess;
54 
55  if(!$tmp_role =& ilObjectFactory::getInstanceByObjId($role_id,false) or $tmp_role->getType() != 'role')
56  {
57  return $this->__raiseError('No valid role id given. Please choose an existing id of an ILIAS role',
58  'Client');
59  }
60 
61 
62  $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
63  if(!$ilAccess->checkAccess('edit_permission','',$obj_ref))
64  {
65  return $this->__raiseError('Check access failed. No permission to delete role','Server');
66  }
67 
68  // if it's last role of an user
69  foreach($assigned_users = $rbacreview->assignedUsers($role_id) as $user_id)
70  {
71  if(count($rbacreview->assignedRoles($user_id)) == 1)
72  {
73  return $this->__raiseError('Cannot deassign last role of users',
74  'Client');
75  }
76  }
77 
78  // set parent id (role folder id) of role
79  $rolf_id = end($rolf_ids = $rbacreview->getFoldersAssignedToRole($role_id,true));
80  $tmp_role->setParent($rolf_id);
81  $tmp_role->delete();
82 
83  return true;
84  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
ilObjectFactory\getInstanceByObjId
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:72
+ Here is the call graph for this function:

◆ deleteUserRoleEntry()

ilSoapRBACAdministration::deleteUserRoleEntry (   $sid,
  $user_id,
  $role_id 
)

Definition at line 122 of file class.ilSoapRBACAdministration.php.

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

123  {
124  $this->initAuth($sid);
125  $this->initIlias();
126 
127  if(!$this->__checkSession($sid))
128  {
129  return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
130  }
131 
132  global $rbacadmin,$ilAccess,$rbacreview;
133 
134  if($tmp_user =& ilObjectFactory::getInstanceByObjId($user_id,false) and $tmp_user->getType() != 'usr')
135  {
136  return $this->__raiseError('No valid user id given. Please choose an existing id of an ILIAS user',
137  'Client');
138  }
139  if($tmp_role =& ilObjectFactory::getInstanceByObjId($role_id,false) and $tmp_role->getType() != 'role')
140  {
141  return $this->__raiseError('No valid role id given. Please choose an existing id of an ILIAS role',
142  'Client');
143  }
144 
145  $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
146  if(!$ilAccess->checkAccess('edit_permission','',$obj_ref))
147  {
148  return $this->__raiseError('Check access failed. No permission to deassign users','Server');
149  }
150 
151  if(!$rbacadmin->deassignUser($role_id,$user_id))
152  {
153  return $this->__raiseError('Error rbacadmin->deassignUser()',
154  'Server');
155  }
156  return true;
157  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
ilObjectFactory\getInstanceByObjId
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:72
+ Here is the call graph for this function:

◆ getLocalRoles()

ilSoapRBACAdministration::getLocalRoles (   $sid,
  $ref_id 
)

Definition at line 265 of file class.ilSoapRBACAdministration.php.

References $ref_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

266  {
267  $this->initAuth($sid);
268  $this->initIlias();
269 
270  if(!$this->__checkSession($sid))
271  {
272  return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
273  }
274 
275  global $rbacreview,$ilAccess;
276 
277  if(!$tmp_obj =& ilObjectFactory::getInstanceByRefId($ref_id,false))
278  {
279  return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object',
280  'Client');
281  }
282 
283  if(!$ilAccess->checkAccess('edit_permission','',$ref_id))
284  {
285  return $this->__raiseError('Check access failed. No permission to access role information','Server');
286  }
287 
288 
289  foreach($rbacreview->getRolesOfRoleFolder($ref_id,false) as $role_id)
290  {
291  if($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id,false))
292  {
293  $objs[] = $tmp_obj;
294  }
295  }
296  if(count($objs))
297  {
298  include_once './webservice/soap/classes/class.ilObjectXMLWriter.php';
299 
300  $xml_writer = new ilObjectXMLWriter();
301  $xml_writer->setObjects($objs);
302  if($xml_writer->start())
303  {
304  return $xml_writer->getXML();
305  }
306  }
307  return '';
308  }
ilObjectFactory\getInstanceByRefId
getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:143
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
ilObjectFactory\getInstanceByObjId
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:72
$ref_id
$ref_id
Definition: sahs_server.php:39
+ Here is the call graph for this function:

◆ getObjectTreeOperations()

ilSoapRBACAdministration::getObjectTreeOperations (   $sid,
  $ref_id,
  $user_id 
)

Definition at line 484 of file class.ilSoapRBACAdministration.php.

References $data, $ref_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObject\_isInTrash(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

485  {
486  $this->initAuth($sid);
487  $this->initIlias();
488 
489  if(!$this->__checkSession($sid))
490  {
491  return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
492  }
493 
494  global $rbacsystem,$rbacreview,$ilAccess;
495 
496 
497  if(!$tmp_obj =& ilObjectFactory::getInstanceByRefId($ref_id,false))
498  {
499  return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object',
500  'Client');
501  }
502 
503  if(!$tmp_user =& ilObjectFactory::getInstanceByObjId($user_id,false))
504  {
505  return $this->__raiseError('No valid user id given.',
506  'Client');
507  }
508 
509  if(ilObject::_isInTrash($ref_id))
510  {
511  return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
512  }
513 
514 
515 
516  // check visible for all upper tree entries
517  if(!$ilAccess->checkAccessOfUser($tmp_user->getId(),'visible','',$tmp_obj->getRefId()))
518  {
519  return array();
520  }
521  $op_data = $rbacreview->getOperation(2);
522  $ops_data[] = $op_data;
523 
524  if(!$ilAccess->checkAccessOfUser($tmp_user->getId(),'read','',$tmp_obj->getRefId()))
525  {
526  return $ops_data;
527  }
528 
529 
530  $ops_data = array();
531  $ops = $rbacreview->getOperationsOnTypeString($tmp_obj->getType());
532  foreach($ops as $ops_id)
533  {
534  $op_data = $rbacreview->getOperation($ops_id);
535 
536  if($rbacsystem->checkAccessOfUser($user_id,$op_data['operation'],$tmp_obj->getRefId()))
537  {
538  $ops_data[$ops_id] = $op_data;
539  }
540 
541  }
542 
543  foreach($ops_data as $data)
544  {
545  $ret_data[] = $data;
546  }
547  return $ret_data ? $ret_data : array();
548  }
ilObjectFactory\getInstanceByRefId
getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:143
$data
$data
Definition: example_011.php:126
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
ilObjectFactory\getInstanceByObjId
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:72
ilObject\_isInTrash
_isInTrash($a_ref_id)
checks wether object is in trash
Definition: class.ilObject.php:1210
$ref_id
$ref_id
Definition: sahs_server.php:39
+ Here is the call graph for this function:

◆ getOperations()

ilSoapRBACAdministration::getOperations (   $sid)

Definition at line 159 of file class.ilSoapRBACAdministration.php.

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

160  {
161  $this->initAuth($sid);
162  $this->initIlias();
163 
164  if(!$this->__checkSession($sid))
165  {
166  return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
167  }
168 
169  global $rbacreview;
170 
171  if(is_array($ops = $rbacreview->getOperations()))
172  {
173  return $ops;
174  }
175  else
176  {
177  return $this->__raiseError('Unknown error','Server');
178  }
179  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
+ Here is the call graph for this function:

◆ getRoles()

ilSoapRBACAdministration::getRoles (   $sid,
  $role_type,
  $id 
)

get roles for a specific type and id

Parameters
String$sidsession id
String$role_typecan be empty which means "local & global", "local", "global", "user", "user_login" or "template"
Mixed$idcan be -1 for system role folder, can be ref id in case for role type "local/global/template", can be user id with "user" or login in case for role type "user_login"
Returns
String according DTD role_3_7

Definition at line 558 of file class.ilSoapRBACAdministration.php.

References $ilDB, $ilUser, $query, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), DB_FETCHMODE_ASSOC, ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), ilSoapAdministration\initIlias(), and parseUserID().

559  {
560  $this->initAuth($sid);
561  $this->initIlias();
562 
563  if(!$this->__checkSession($sid))
564  {
565  return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
566  }
567 
568  global $rbacsystem, $rbacreview, $ilUser, $ilDB;
569 
570  if (strcasecmp($role_type,"") != 0 &&
571  strcasecmp($role_type,"local") != 0 &&
572  strcasecmp($role_type,"global") != 0 &&
573  strcasecmp($role_type,"user") != 0 &&
574  strcasecmp($role_type,"user_login") != 0 &&
575  strcasecmp($role_type,"template") != 0)
576  {
577  return $this->__raiseError('Called service with wrong role_type parameter \''.$role_type.'\'','Client');
578  }
579 
580  $roles = array();
581 
582 
583  if (strcasecmp($role_type,"template") == 0)
584  // get templates
585  {
586  $roles = $rbacreview->getRolesByFilter(6, $ilUser->getId());
587  } elseif (strcasecmp($role_type,"user")==0 || strcasecmp($role_type,"user_login")==0)
588  // handle user roles
589  {
590  $user_id = $this->parseUserID($id, $role_type);
591  if ($user_id != $ilUser->getId())
592  // check access for user folder
593  {
594  $tmpUser = new ilObjUser($user_id);
595  $timelimitOwner = $tmpUser->getTimeLimitOwner();
596  if(!$rbacsystem->checkAccess('read',$timelimitOwner))
597  {
598  return $this->__raiseError('Check access for time limit owner failed.','Server');
599  }
600  }
601  $role_type = ""; // local and global roles for user
602 
603  $query = sprintf("SELECT object_data.title, rbac_fa.* FROM object_data, rbac_ua, rbac_fa WHERE rbac_ua.rol_id IN ('%s') AND rbac_ua.rol_id = rbac_fa.rol_id AND object_data.obj_id = rbac_fa.rol_id AND rbac_ua.usr_id=".$user_id,
604  join ("','", $rbacreview->assignedRoles($user_id))
605  );
606 
607  $rbacresult = $ilDB->query($query);
608  while ($rbacrow = $rbacresult->fetchRow(DB_FETCHMODE_ASSOC))
609  {
610  if ($rbacrow["assign"] != "y")
611  continue;
612 
613  $type = "";
614 
615  if ($rbacrow["parent"] == ROLE_FOLDER_ID)
616  {
617  $type = "Global";
618  }
619  else
620  {
621  $type = "Local";
622  }
623  if (strlen($type) && $tmp_obj = ilObjectFactory::getInstanceByObjId($rbacrow["rol_id"],false))
624  {
625  /* @var $tmp_obj IlObjRole */
626  $roles[] = array (
627  "obj_id" =>$rbacrow["rol_id"],
628  "title" => $tmp_obj->getTitle(),
629  "description" => $tmp_obj->getDescription(),
630  "role_type" => $type);
631  }
632  }
633  } elseif ($id == "-1")
634  // get all roles of system role folder
635  {
636  if(!$rbacsystem->checkAccess('read',ROLE_FOLDER_ID))
637  {
638  return $this->__raiseError('Check access failed.','Server');
639  }
640 
641  $roles = $rbacreview->getAssignableRoles(false, true);
642  }
643  else
644  // get local roles for a specific repository object
645  // needs permission to read permissions of this object
646  {
647  if(!$rbacsystem->checkAccess('edit_permission',$id))
648  {
649  return $this->__raiseError('Check access for local roles failed.','Server');
650  }
651 
652  if (!is_numeric($id)) {
653  return $this->__raiseError('Id must be numeric to process roles of a repository object.','Client');
654  }
655 
656  $role_type = "local";
657 
658  foreach($rbacreview->getRolesOfRoleFolder($id,false) as $role_id)
659  {
660  if($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id,false))
661  {
662  $roles[] = array ("obj_id" => $role_id, "title" => $tmp_obj->getTitle(), "description" => $tmp_obj->getDescription(), "role_type" => $role_type);
663  }
664  }
665  }
666 
667 
668  include_once './webservice/soap/classes/class.ilSoapRoleObjectXMLWriter.php';
669 
670  $xml_writer = new ilSoapRoleObjectXMLWriter();
671  $xml_writer->setObjects($roles);
672  $xml_writer->setType ($role_type);
673  if($xml_writer->start())
674  {
675  return $xml_writer->getXML();
676  }
677  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
DB_FETCHMODE_ASSOC
const DB_FETCHMODE_ASSOC
Definition: class.ilDB.php:10
ilObjectFactory\getInstanceByObjId
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:72
$ilUser
global $ilUser
Definition: imgupload.php:15
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getUserRoles()

ilSoapRBACAdministration::getUserRoles (   $sid,
  $user_id 
)

Definition at line 310 of file class.ilSoapRBACAdministration.php.

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

311  {
312  $this->initAuth($sid);
313  $this->initIlias();
314 
315  if(!$this->__checkSession($sid))
316  {
317  return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
318  }
319 
320  global $rbacreview;
321 
322  if(!$tmp_user =& ilObjectFactory::getInstanceByObjId($user_id,false))
323  {
324  return $this->__raiseError('No valid user id given. Please choose an existing id of an ILIAS user',
325  'Client');
326  }
327 
328  foreach($rbacreview->assignedRoles($user_id) as $role_id)
329  {
330  if($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id,false))
331  {
332  $objs[] = $tmp_obj;
333  }
334  }
335  if(count($objs))
336  {
337  include_once './webservice/soap/classes/class.ilObjectXMLWriter.php';
338 
339  $xml_writer = new ilObjectXMLWriter();
340  $xml_writer->setObjects($objs);
341  if($xml_writer->start())
342  {
343  return $xml_writer->getXML();
344  }
345  }
346  return '';
347  }
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
ilObjectFactory\getInstanceByObjId
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:72
+ Here is the call graph for this function:

◆ grantPermissions()

ilSoapRBACAdministration::grantPermissions (   $sid,
  $ref_id,
  $role_id,
  $permissions 
)

Definition at line 218 of file class.ilSoapRBACAdministration.php.

References $ref_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

219  {
220  $this->initAuth($sid);
221  $this->initIlias();
222 
223  if(!$this->__checkSession($sid))
224  {
225  return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
226  }
227 
228  global $rbacadmin,$ilAccess;
229 
230  if(!$tmp_obj =& ilObjectFactory::getInstanceByRefId($ref_id,false))
231  {
232  return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object',
233  'Client');
234  }
235  if($tmp_role =& ilObjectFactory::getInstanceByObjId($role_id,false) and $tmp_role->getType() != 'role')
236  {
237  return $this->__raiseError('No valid role id given. Please choose an existing id of an ILIAS role',
238  'Client');
239  }
240 
241  if(!$ilAccess->checkAccess('edit_permission','',$ref_id))
242  {
243  return $this->__raiseError('Check access failed. No permission to grant permissions','Server');
244  }
245 
246 
247  // mjansen@databay.de: dirty fix
248  if(isset($permissions['item']))
249  {
250  $permissions = $permissions['item'];
251  }
252 
253  if(!is_array($permissions))
254  {
255  return $this->__raiseError('No valid permissions given.'.print_r($permissions),
256  'Client');
257  }
258 
259  $rbacadmin->revokePermission($ref_id,$role_id);
260  $rbacadmin->grantPermission($role_id,$permissions,$ref_id);
261 
262  return true;
263  }
ilObjectFactory\getInstanceByRefId
getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:143
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
ilObjectFactory\getInstanceByObjId
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:72
$ref_id
$ref_id
Definition: sahs_server.php:39
+ Here is the call graph for this function:

◆ ilSoapRBACAdministration()

ilSoapRBACAdministration::ilSoapRBACAdministration ( )

Definition at line 37 of file class.ilSoapRBACAdministration.php.

38  {
39  parent::ilSoapAdministration();
40  }

◆ parseUserID()

ilSoapRBACAdministration::parseUserID (   $id,
  $role_type 
)
private

Definition at line 761 of file class.ilSoapRBACAdministration.php.

References ilUtil\__extractId(), ilSoapAdministration\__raiseError(), and ilObjUser\_lookupId().

Referenced by getRoles().

761  {
762  if (strcasecmp($role_type,"user")==0)
763  // get user roles for user id, which can be numeric or ilias id
764  {
765  $user_id = !is_numeric($id) ? ilUtil::__extractId($id, IL_INST_ID) : $id;
766  if (!is_numeric($user_id))
767  {
768  return $this->__raiseError('ID must be either numeric or ILIAS conform id for type \'user\'','Client');
769  }
770  } elseif (strcasecmp($role_type, "user_login") == 0)
771  // check for login
772  {
773  $user_id = ilObjUser::_lookupId($id);
774  if (!$user_id)
775  // could not find a valid user
776  {
777  return $this->__raiseError('User with login \''.$id.'\' does not exist!','Client');
778  }
779  }
780  return $user_id;
781  }
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:824
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
ilUtil\__extractId
static __extractId($ilias_id, $inst_id)
extract ref id from role title, e.g.
Definition: class.ilUtil.php:4863
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ revokePermissions()

ilSoapRBACAdministration::revokePermissions (   $sid,
  $ref_id,
  $role_id 
)

Definition at line 181 of file class.ilSoapRBACAdministration.php.

References $ref_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

182  {
183  $this->initAuth($sid);
184  $this->initIlias();
185 
186  if(!$this->__checkSession($sid))
187  {
188  return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
189  }
190 
191  global $rbacadmin,$ilAccess;
192 
193  if(!$tmp_obj =& ilObjectFactory::getInstanceByRefId($ref_id,false))
194  {
195  return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object',
196  'Client');
197  }
198  if($tmp_role =& ilObjectFactory::getInstanceByObjId($role_id,false) and $tmp_role->getType() != 'role')
199  {
200  return $this->__raiseError('No valid role id given. Please choose an existing id of an ILIAS role',
201  'Client');
202  }
203  if ($role_id == SYSTEM_ROLE_ID)
204  {
205  return $this->__raiseError('Cannot revoke permissions of system role',
206  'Client');
207  }
208 
209  if(!$ilAccess->checkAccess('edit_permission','',$ref_id))
210  {
211  return $this->__raiseError('Check access failed. No permission to revoke permissions','Server');
212  }
213 
214  $rbacadmin->revokePermission($ref_id,$role_id);
215 
216  return true;
217  }
ilObjectFactory\getInstanceByRefId
getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:143
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
ilObjectFactory\getInstanceByObjId
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:72
$ref_id
$ref_id
Definition: sahs_server.php:39
+ Here is the call graph for this function:

◆ searchRoles()

ilSoapRBACAdministration::searchRoles (   $sid,
  $key,
  $combination,
  $role_type 
)

search for roles.

Parameters
String$sid
String$searchtermscomma separated search terms
String$operatormust be or or and
String$role_typecan be empty which means "local & global", "local", "global", "user" = roles of user, "user_login" or "template"

Definition at line 689 of file class.ilSoapRBACAdministration.php.

References $ilDB, $ilUser, $res, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectSearchFactory\_getObjectSearchInstance(), ilSoapAdministration\initAuth(), ilSoapAdministration\initIlias(), QP_COMBINATION_AND, and QP_COMBINATION_OR.

690  {
691  $this->initAuth($sid);
692  $this->initIlias();
693 
694  if(!$this->__checkSession($sid))
695  {
696  return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
697  }
698 
699  global $rbacsystem, $rbacreview, $ilUser, $ilDB;
700 
701 
702  if (strcasecmp($role_type,"") != 0 &&
703  strcasecmp($role_type,"local") != 0 &&
704  strcasecmp($role_type,"global") != 0 &&
705  strcasecmp($role_type,"template") != 0)
706  {
707  return $this->__raiseError('Called service with wrong role_type parameter \''.$role_type.'\'','Client');
708  }
709 
710  if($combination != 'and' and $combination != 'or')
711  {
712  return $this->__raiseError('No valid combination given. Must be "and" or "or".',
713  'Client');
714  }
715 
716  include_once './Services/Search/classes/class.ilQueryParser.php';
717 
718  $query_parser =& new ilQueryParser($key);
719  $query_parser->setMinWordLength(3);
720  $query_parser->setCombination($combination == 'and' ? QP_COMBINATION_AND : QP_COMBINATION_OR);
721  $query_parser->parse();
722  if(!$query_parser->validate())
723  {
724  return $this->__raiseError($query_parser->getMessage(), 'Client');
725  }
726 
727  include_once './Services/Search/classes/class.ilObjectSearchFactory.php';
728 
729  $object_search = ilObjectSearchFactory::_getObjectSearchInstance($query_parser);
730  $object_search->setFilter(array("role","rolt"));
731 
732  $res = $object_search->performSearch();
733  $res->filter(ROOT_FOLDER_ID, $combination == 'and' ? true : false);
734 
735  $obj_ids = array();
736  foreach($res->getUniqueResults() as $entry)
737  {
738  $obj_ids [] = $entry['obj_id'];
739  }
740 
741  $roles = array();
742  if (count($obj_ids)> 0 )
743  {
744  #print_r($obj_ids);
745  $roles = $rbacreview->getRolesForIDs($obj_ids, $role_type == "template");
746  }
747  #print_r($roles);
748  include_once './webservice/soap/classes/class.ilSoapRoleObjectXMLWriter.php';
749  $xml_writer = new ilSoapRoleObjectXMLWriter();
750  $xml_writer->setObjects($roles);
751  $xml_writer->setType ($role_type);
752  if($xml_writer->start())
753  {
754  return $xml_writer->getXML();
755  }
756 
757 
758  }
QP_COMBINATION_OR
const QP_COMBINATION_OR
Definition: class.ilQueryParser.php:36
ilSoapAdministration\__raiseError
__raiseError($a_message, $a_code)
Definition: class.ilSoapAdministration.php:226
$ilUser
global $ilUser
Definition: imgupload.php:15
ilObjectSearchFactory\_getObjectSearchInstance
static _getObjectSearchInstance($query_parser)
get reference of ilFulltext/LikeObjectSearch.
Definition: class.ilObjectSearchFactory.php:46
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
QP_COMBINATION_AND
const QP_COMBINATION_AND
Definition: class.ilQueryParser.php:35
+ Here is the call graph for this function:
The documentation for this class was generated from the following file: