ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
ilSoapRBACAdministration Class Reference
+ Inheritance diagram for ilSoapRBACAdministration:
+ Collaboration diagram for ilSoapRBACAdministration:

Public Member Functions

 ilSoapRBACAdministration ()
 
 deleteRole ($sid, $role_id)
 
 addUserRoleEntry ($sid, $user_id, $role_id)
 
 deleteUserRoleEntry ($sid, $user_id, $role_id)
 
 getOperations ($sid)
 
 revokePermissions ($sid, $ref_id, $role_id)
 
 grantPermissions ($sid, $ref_id, $role_id, $permissions)
 
 getLocalRoles ($sid, $ref_id)
 
 getUserRoles ($sid, $user_id)
 
 addRole ($sid, $target_id, $role_xml)
 
 addRoleFromTemplate ($sid, $target_id, $role_xml, $template_id)
 
 getObjectTreeOperations ($sid, $ref_id, $user_id)
 
 getRoles ($sid, $role_type, $id)
 get roles for a specific type and id More...
 
 searchRoles ($sid, $key, $combination, $role_type)
 search for roles. More...
 
- Public Member Functions inherited from ilSoapAdministration
 ilSoapAdministration ($use_nusoap=true)
 
 initErrorWriter ()
 Overwrite error handler. More...
 
 __explodeSid ($sid)
 
 __setMessage ($a_str)
 
 __getMessage ()
 
 __appendMessage ($a_str)
 
 __setMessageCode ($a_code)
 
 __getMessageCode ()
 
 initAuth ($sid)
 
 initIlias ()
 
 __initAuthenticationObject ($a_auth_mode=AUTH_LOCAL)
 
 __raiseError ($a_message, $a_code)
 
 getNIC ($sid)
 get client information from current as xml result set More...
 
 isFault ($object)
 
 checkObjectAccess ($ref_id, $expected_type, $permission, $returnObject=false)
 check access for ref id: expected type, permission, return object instance if returnobject is true More...
 
 getInstallationInfoXML ()
 
 getClientInfoXML ($clientid)
 

Private Member Functions

 parseUserID ($id, $role_type)
 

Additional Inherited Members

- Static Public Member Functions inherited from ilSoapAdministration
static return_bytes ($val)
 calculate bytes from K,M,G modifiers e.g: 8M = 8 * 1024 * 1024 bytes More...
 
- Data Fields inherited from ilSoapAdministration
 $sauth = null
 
 $error_method = null
 
- Protected Attributes inherited from ilSoapAdministration
 $soap_check = true
 

Detailed Description

Definition at line 35 of file class.ilSoapRBACAdministration.php.

Member Function Documentation

◆ addRole()

ilSoapRBACAdministration::addRole (   $sid,
  $target_id,
  $role_xml 
)

Definition at line 349 of file class.ilSoapRBACAdministration.php.

350 {
351 $this->initAuth($sid);
352 $this->initIlias();
353
354 if(!$this->__checkSession($sid))
355 {
356 return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
357 }
358
359 global $rbacreview, $objDefinition, $rbacsystem,$ilAccess;
360
361 if(!$tmp_obj =& ilObjectFactory::getInstanceByRefId($target_id,false))
362 {
363 return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object',
364 'Client');
365 }
366
368 {
369 return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
370 }
371
372 if(!$ilAccess->checkAccess('edit_permission','',$target_id))
373 {
374 return $this->__raiseError('Check access failed. No permission to create roles','Server');
375 }
376
377 include_once 'webservice/soap/classes/class.ilObjectXMLParser.php';
378
379 $xml_parser =& new ilObjectXMLParser($role_xml);
380 $xml_parser->startParsing();
381
382 foreach($xml_parser->getObjectData() as $object_data)
383 {
384
385 // check if role title has il_ prefix
386 if(substr($object_data['title'],0,3) == "il_")
387 {
388 return $this->__raiseError('Rolenames are not allowed to start with "il_" ',
389 'Client');
390 }
391
392 include_once './Services/AccessControl/classes/class.ilObjRole.php';
393 $role = new ilObjRole();
394 $role->setTitle($object_data['title']);
395 $role->setDescription($object_data['description']);
396 $role->setImportId($object_data['import_id']);
397 $role->create();
398
399 $GLOBALS['rbacadmin']->assignRoleToFolder($role->getId(),$target_id);
400 $new_roles[] = $role->getId();
401 }
402
403 return $new_roles ? $new_roles : array();
404 }
Class ilObjRole.
getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
_isInTrash($a_ref_id)
checks wether object is in trash
__raiseError($a_message, $a_code)
$target_id
Definition: goto.php:88
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276

References $GLOBALS, $target_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObject\_isInTrash(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ addRoleFromTemplate()

ilSoapRBACAdministration::addRoleFromTemplate (   $sid,
  $target_id,
  $role_xml,
  $template_id 
)

Definition at line 406 of file class.ilSoapRBACAdministration.php.

407 {
408 $this->initAuth($sid);
409 $this->initIlias();
410
411 if(!$this->__checkSession($sid))
412 {
413 return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
414 }
415
416 global $rbacreview, $objDefinition, $rbacsystem, $rbacadmin,$ilAccess;
417
418 if(!$tmp_obj =& ilObjectFactory::getInstanceByRefId($target_id,false))
419 {
420 return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object',
421 'Client');
422 }
424 {
425 return $this->__raiseError('No valid template id given. Please choose an existing object id of an ILIAS role template',
426 'Client');
427 }
428
429
431 {
432 return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
433 }
434
435 if(!$ilAccess->checkAccess('edit_permission','',$target_id))
436 {
437 return $this->__raiseError('Check access failed. No permission to create roles','Server');
438 }
439
440
441 include_once 'webservice/soap/classes/class.ilObjectXMLParser.php';
442
443 $xml_parser =& new ilObjectXMLParser($role_xml);
444 $xml_parser->startParsing();
445
446 foreach($xml_parser->getObjectData() as $object_data)
447 {
448
449 // check if role title has il_ prefix
450 if(substr($object_data['title'],0,3) == "il_")
451 {
452 return $this->__raiseError('Rolenames are not allowed to start with "il_" ',
453 'Client');
454 }
455
456 include_once './Services/AccessControl/classes/class.ilObjRole.php';
457 $role = new ilObjRole();
458 $role->setTitle($object_data['title']);
459 $role->setDescription($object_data['description']);
460 $role->setImportId($object_data['import_id']);
461 $role->create();
462
463 $GLOBALS['rbacadmin']->assignRoleToFolder($role->getId(),$target_id);
464
465 // Copy permssions
466 $rbacadmin->copyRoleTemplatePermissions($template_id,ROLE_FOLDER_ID,$target_id,$role->getId());
467
468 // Set object permissions according to role template
469 $ops = $rbacreview->getOperationsOfRole($role->getId(),$tmp_obj->getType(),$target_id);
470 $rbacadmin->grantPermission($role->getId(),$ops,$target_id);
471 $new_roles[] = $role->getId();
472 }
473
474
475 // CREATE ADMIN ROLE
476
477
478
479
480
481 return $new_roles ? $new_roles : array();
482 }
static _lookupType($a_id, $a_reference=false)
lookup object type
$template_id
Definition: example_062.php:89

References $GLOBALS, $target_id, $template_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObject\_isInTrash(), ilObject\_lookupType(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ addUserRoleEntry()

ilSoapRBACAdministration::addUserRoleEntry (   $sid,
  $user_id,
  $role_id 
)

Definition at line 86 of file class.ilSoapRBACAdministration.php.

87 {
88 $this->initAuth($sid);
89 $this->initIlias();
90
91 if(!$this->__checkSession($sid))
92 {
93 return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
94 }
95
96 global $rbacadmin,$rbacreview,$ilAccess;
97
98 if($tmp_user =& ilObjectFactory::getInstanceByObjId($user_id) and $tmp_user->getType() != 'usr')
99 {
100 return $this->__raiseError('No valid user id given. Please choose an existing id of an ILIAS user',
101 'Client');
102 }
103 if($tmp_role =& ilObjectFactory::getInstanceByObjId($role_id) and $tmp_role->getType() != 'role')
104 {
105 return $this->__raiseError('No valid role id given. Please choose an existing id of an ILIAS role',
106 'Client');
107 }
108
109 $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
110 if(!$ilAccess->checkAccess('edit_permission','',$obj_ref))
111 {
112 return $this->__raiseError('Check access failed. No permission to assign users','Server');
113 }
114
115 if(!$rbacadmin->assignUser($role_id,$user_id))
116 {
117 return $this->__raiseError('Error rbacadmin->assignUser()',
118 'Server');
119 }
120 return true;
121 }
getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ deleteRole()

ilSoapRBACAdministration::deleteRole (   $sid,
  $role_id 
)

Definition at line 43 of file class.ilSoapRBACAdministration.php.

44 {
45 $this->initAuth($sid);
46 $this->initIlias();
47
48 if(!$this->__checkSession($sid))
49 {
50 return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
51 }
52
53 global $rbacreview, $rbacsystem,$ilAccess;
54
55 if(!$tmp_role =& ilObjectFactory::getInstanceByObjId($role_id,false) or $tmp_role->getType() != 'role')
56 {
57 return $this->__raiseError('No valid role id given. Please choose an existing id of an ILIAS role',
58 'Client');
59 }
60
61
62 $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
63 if(!$ilAccess->checkAccess('edit_permission','',$obj_ref))
64 {
65 return $this->__raiseError('Check access failed. No permission to delete role','Server');
66 }
67
68 // if it's last role of an user
69 foreach($assigned_users = $rbacreview->assignedUsers($role_id) as $user_id)
70 {
71 if(count($rbacreview->assignedRoles($user_id)) == 1)
72 {
73 return $this->__raiseError('Cannot deassign last role of users',
74 'Client');
75 }
76 }
77
78 // set parent id (role folder id) of role
79 $rolf_id = end($rolf_ids = $rbacreview->getFoldersAssignedToRole($role_id,true));
80 $tmp_role->setParent($rolf_id);
81 $tmp_role->delete();
82
83 return true;
84 }

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ deleteUserRoleEntry()

ilSoapRBACAdministration::deleteUserRoleEntry (   $sid,
  $user_id,
  $role_id 
)

Definition at line 122 of file class.ilSoapRBACAdministration.php.

123 {
124 $this->initAuth($sid);
125 $this->initIlias();
126
127 if(!$this->__checkSession($sid))
128 {
129 return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
130 }
131
132 global $rbacadmin,$ilAccess,$rbacreview;
133
134 if($tmp_user =& ilObjectFactory::getInstanceByObjId($user_id,false) and $tmp_user->getType() != 'usr')
135 {
136 return $this->__raiseError('No valid user id given. Please choose an existing id of an ILIAS user',
137 'Client');
138 }
139 if($tmp_role =& ilObjectFactory::getInstanceByObjId($role_id,false) and $tmp_role->getType() != 'role')
140 {
141 return $this->__raiseError('No valid role id given. Please choose an existing id of an ILIAS role',
142 'Client');
143 }
144
145 $obj_ref = $rbacreview->getObjectReferenceOfRole($role_id);
146 if(!$ilAccess->checkAccess('edit_permission','',$obj_ref))
147 {
148 return $this->__raiseError('Check access failed. No permission to deassign users','Server');
149 }
150
151 if(!$rbacadmin->deassignUser($role_id,$user_id))
152 {
153 return $this->__raiseError('Error rbacadmin->deassignUser()',
154 'Server');
155 }
156 return true;
157 }

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ getLocalRoles()

ilSoapRBACAdministration::getLocalRoles (   $sid,
  $ref_id 
)

Definition at line 265 of file class.ilSoapRBACAdministration.php.

266 {
267 $this->initAuth($sid);
268 $this->initIlias();
269
270 if(!$this->__checkSession($sid))
271 {
272 return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
273 }
274
275 global $rbacreview,$ilAccess;
276
277 if(!$tmp_obj =& ilObjectFactory::getInstanceByRefId($ref_id,false))
278 {
279 return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object',
280 'Client');
281 }
282
283 if(!$ilAccess->checkAccess('edit_permission','',$ref_id))
284 {
285 return $this->__raiseError('Check access failed. No permission to access role information','Server');
286 }
287
288
289 foreach($rbacreview->getRolesOfRoleFolder($ref_id,false) as $role_id)
290 {
291 if($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id,false))
292 {
293 $objs[] = $tmp_obj;
294 }
295 }
296 if(count($objs))
297 {
298 include_once './webservice/soap/classes/class.ilObjectXMLWriter.php';
299
300 $xml_writer = new ilObjectXMLWriter();
301 $xml_writer->setObjects($objs);
302 if($xml_writer->start())
303 {
304 return $xml_writer->getXML();
305 }
306 }
307 return '';
308 }
$ref_id
Definition: sahs_server.php:39

References $ref_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ getObjectTreeOperations()

ilSoapRBACAdministration::getObjectTreeOperations (   $sid,
  $ref_id,
  $user_id 
)

Definition at line 484 of file class.ilSoapRBACAdministration.php.

485 {
486 $this->initAuth($sid);
487 $this->initIlias();
488
489 if(!$this->__checkSession($sid))
490 {
491 return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
492 }
493
494 global $rbacsystem,$rbacreview,$ilAccess;
495
496
497 if(!$tmp_obj =& ilObjectFactory::getInstanceByRefId($ref_id,false))
498 {
499 return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object',
500 'Client');
501 }
502
503 if(!$tmp_user =& ilObjectFactory::getInstanceByObjId($user_id,false))
504 {
505 return $this->__raiseError('No valid user id given.',
506 'Client');
507 }
508
510 {
511 return $this->__raiseError("Parent with ID $target_id has been deleted.", 'CLIENT_TARGET_DELETED');
512 }
513
514
515
516 // check visible for all upper tree entries
517 if(!$ilAccess->checkAccessOfUser($tmp_user->getId(),'visible','',$tmp_obj->getRefId()))
518 {
519 return array();
520 }
521 $op_data = $rbacreview->getOperation(2);
522 $ops_data[] = $op_data;
523
524 if(!$ilAccess->checkAccessOfUser($tmp_user->getId(),'read','',$tmp_obj->getRefId()))
525 {
526 return $ops_data;
527 }
528
529
530 $ops_data = array();
531 $ops = $rbacreview->getOperationsOnTypeString($tmp_obj->getType());
532 foreach($ops as $ops_id)
533 {
534 $op_data = $rbacreview->getOperation($ops_id);
535
536 if($rbacsystem->checkAccessOfUser($user_id,$op_data['operation'],$tmp_obj->getRefId()))
537 {
538 $ops_data[$ops_id] = $op_data;
539 }
540
541 }
542
543 foreach($ops_data as $data)
544 {
545 $ret_data[] = $data;
546 }
547 return $ret_data ? $ret_data : array();
548 }
$data

References $data, $ref_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObject\_isInTrash(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ getOperations()

ilSoapRBACAdministration::getOperations (   $sid)

Definition at line 159 of file class.ilSoapRBACAdministration.php.

160 {
161 $this->initAuth($sid);
162 $this->initIlias();
163
164 if(!$this->__checkSession($sid))
165 {
166 return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
167 }
168
169 global $rbacreview;
170
171 if(is_array($ops = $rbacreview->getOperations()))
172 {
173 return $ops;
174 }
175 else
176 {
177 return $this->__raiseError('Unknown error','Server');
178 }
179 }

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ getRoles()

ilSoapRBACAdministration::getRoles (   $sid,
  $role_type,
  $id 
)

get roles for a specific type and id

Parameters
String$sidsession id
String$role_typecan be empty which means "local & global", "local", "global", "user", "user_login" or "template"
Mixed$idcan be -1 for system role folder, can be ref id in case for role type "local/global/template", can be user id with "user" or login in case for role type "user_login"
Returns
String according DTD role_3_7

Definition at line 558 of file class.ilSoapRBACAdministration.php.

559 {
560 $this->initAuth($sid);
561 $this->initIlias();
562
563 if(!$this->__checkSession($sid))
564 {
565 return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
566 }
567
568 global $rbacsystem, $rbacreview, $ilUser, $ilDB;
569
570 if (strcasecmp($role_type,"") != 0 &&
571 strcasecmp($role_type,"local") != 0 &&
572 strcasecmp($role_type,"global") != 0 &&
573 strcasecmp($role_type,"user") != 0 &&
574 strcasecmp($role_type,"user_login") != 0 &&
575 strcasecmp($role_type,"template") != 0)
576 {
577 return $this->__raiseError('Called service with wrong role_type parameter \''.$role_type.'\'','Client');
578 }
579
580 $roles = array();
581
582
583 if (strcasecmp($role_type,"template") == 0)
584 // get templates
585 {
586 $roles = $rbacreview->getRolesByFilter(6, $ilUser->getId());
587 } elseif (strcasecmp($role_type,"user")==0 || strcasecmp($role_type,"user_login")==0)
588 // handle user roles
589 {
590 $user_id = $this->parseUserID($id, $role_type);
591 if ($user_id != $ilUser->getId())
592 // check access for user folder
593 {
594 $tmpUser = new ilObjUser($user_id);
595 $timelimitOwner = $tmpUser->getTimeLimitOwner();
596 if(!$rbacsystem->checkAccess('read',$timelimitOwner))
597 {
598 return $this->__raiseError('Check access for time limit owner failed.','Server');
599 }
600 }
601 $role_type = ""; // local and global roles for user
602
603 $query = sprintf("SELECT object_data.title, rbac_fa.* FROM object_data, rbac_ua, rbac_fa WHERE rbac_ua.rol_id IN ('%s') AND rbac_ua.rol_id = rbac_fa.rol_id AND object_data.obj_id = rbac_fa.rol_id AND rbac_ua.usr_id=".$user_id,
604 join ("','", $rbacreview->assignedRoles($user_id))
605 );
606
607 $rbacresult = $ilDB->query($query);
608 while ($rbacrow = $rbacresult->fetchRow(DB_FETCHMODE_ASSOC))
609 {
610 if ($rbacrow["assign"] != "y")
611 continue;
612
613 $type = "";
614
615 if ($rbacrow["parent"] == ROLE_FOLDER_ID)
616 {
617 $type = "Global";
618 }
619 else
620 {
621 $type = "Local";
622 }
623 if (strlen($type) && $tmp_obj = ilObjectFactory::getInstanceByObjId($rbacrow["rol_id"],false))
624 {
625 /* @var $tmp_obj IlObjRole */
626 $roles[] = array (
627 "obj_id" =>$rbacrow["rol_id"],
628 "title" => $tmp_obj->getTitle(),
629 "description" => $tmp_obj->getDescription(),
630 "role_type" => $type);
631 }
632 }
633 } elseif ($id == "-1")
634 // get all roles of system role folder
635 {
636 if(!$rbacsystem->checkAccess('read',ROLE_FOLDER_ID))
637 {
638 return $this->__raiseError('Check access failed.','Server');
639 }
640
641 $roles = $rbacreview->getAssignableRoles(false, true);
642 }
643 else
644 // get local roles for a specific repository object
645 // needs permission to read permissions of this object
646 {
647 if(!$rbacsystem->checkAccess('edit_permission',$id))
648 {
649 return $this->__raiseError('Check access for local roles failed.','Server');
650 }
651
652 if (!is_numeric($id)) {
653 return $this->__raiseError('Id must be numeric to process roles of a repository object.','Client');
654 }
655
656 $role_type = "local";
657
658 foreach($rbacreview->getRolesOfRoleFolder($id,false) as $role_id)
659 {
660 if($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id,false))
661 {
662 $roles[] = array ("obj_id" => $role_id, "title" => $tmp_obj->getTitle(), "description" => $tmp_obj->getDescription(), "role_type" => $role_type);
663 }
664 }
665 }
666
667
668 include_once './webservice/soap/classes/class.ilSoapRoleObjectXMLWriter.php';
669
670 $xml_writer = new ilSoapRoleObjectXMLWriter();
671 $xml_writer->setObjects($roles);
672 $xml_writer->setType ($role_type);
673 if($xml_writer->start())
674 {
675 return $xml_writer->getXML();
676 }
677 }
const DB_FETCHMODE_ASSOC
Definition: class.ilDB.php:10
global $ilDB
global $ilUser
Definition: imgupload.php:15

References $ilDB, $ilUser, $query, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), DB_FETCHMODE_ASSOC, ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), ilSoapAdministration\initIlias(), and parseUserID().

+ Here is the call graph for this function:

◆ getUserRoles()

ilSoapRBACAdministration::getUserRoles (   $sid,
  $user_id 
)

Definition at line 310 of file class.ilSoapRBACAdministration.php.

311 {
312 $this->initAuth($sid);
313 $this->initIlias();
314
315 if(!$this->__checkSession($sid))
316 {
317 return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
318 }
319
320 global $rbacreview;
321
322 if(!$tmp_user =& ilObjectFactory::getInstanceByObjId($user_id,false))
323 {
324 return $this->__raiseError('No valid user id given. Please choose an existing id of an ILIAS user',
325 'Client');
326 }
327
328 foreach($rbacreview->assignedRoles($user_id) as $role_id)
329 {
330 if($tmp_obj = ilObjectFactory::getInstanceByObjId($role_id,false))
331 {
332 $objs[] = $tmp_obj;
333 }
334 }
335 if(count($objs))
336 {
337 include_once './webservice/soap/classes/class.ilObjectXMLWriter.php';
338
339 $xml_writer = new ilObjectXMLWriter();
340 $xml_writer->setObjects($objs);
341 if($xml_writer->start())
342 {
343 return $xml_writer->getXML();
344 }
345 }
346 return '';
347 }

References ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ grantPermissions()

ilSoapRBACAdministration::grantPermissions (   $sid,
  $ref_id,
  $role_id,
  $permissions 
)

Definition at line 218 of file class.ilSoapRBACAdministration.php.

219 {
220 $this->initAuth($sid);
221 $this->initIlias();
222
223 if(!$this->__checkSession($sid))
224 {
225 return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
226 }
227
228 global $rbacadmin,$ilAccess;
229
230 if(!$tmp_obj =& ilObjectFactory::getInstanceByRefId($ref_id,false))
231 {
232 return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object',
233 'Client');
234 }
235 if($tmp_role =& ilObjectFactory::getInstanceByObjId($role_id,false) and $tmp_role->getType() != 'role')
236 {
237 return $this->__raiseError('No valid role id given. Please choose an existing id of an ILIAS role',
238 'Client');
239 }
240
241 if(!$ilAccess->checkAccess('edit_permission','',$ref_id))
242 {
243 return $this->__raiseError('Check access failed. No permission to grant permissions','Server');
244 }
245
246
247 // mjansen@databay.de: dirty fix
248 if(isset($permissions['item']))
249 {
250 $permissions = $permissions['item'];
251 }
252
253 if(!is_array($permissions))
254 {
255 return $this->__raiseError('No valid permissions given.'.print_r($permissions),
256 'Client');
257 }
258
259 $rbacadmin->revokePermission($ref_id,$role_id);
260 $rbacadmin->grantPermission($role_id,$permissions,$ref_id);
261
262 return true;
263 }

References $ref_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ ilSoapRBACAdministration()

ilSoapRBACAdministration::ilSoapRBACAdministration ( )

Definition at line 37 of file class.ilSoapRBACAdministration.php.

38 {
39 parent::ilSoapAdministration();
40 }

◆ parseUserID()

ilSoapRBACAdministration::parseUserID (   $id,
  $role_type 
)
private

Definition at line 761 of file class.ilSoapRBACAdministration.php.

761 {
762 if (strcasecmp($role_type,"user")==0)
763 // get user roles for user id, which can be numeric or ilias id
764 {
765 $user_id = !is_numeric($id) ? ilUtil::__extractId($id, IL_INST_ID) : $id;
766 if (!is_numeric($user_id))
767 {
768 return $this->__raiseError('ID must be either numeric or ILIAS conform id for type \'user\'','Client');
769 }
770 } elseif (strcasecmp($role_type, "user_login") == 0)
771 // check for login
772 {
773 $user_id = ilObjUser::_lookupId($id);
774 if (!$user_id)
775 // could not find a valid user
776 {
777 return $this->__raiseError('User with login \''.$id.'\' does not exist!','Client');
778 }
779 }
780 return $user_id;
781 }
static _lookupId($a_user_str)
Lookup id by login.
static __extractId($ilias_id, $inst_id)
extract ref id from role title, e.g.

References ilUtil\__extractId(), ilSoapAdministration\__raiseError(), and ilObjUser\_lookupId().

Referenced by getRoles().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ revokePermissions()

ilSoapRBACAdministration::revokePermissions (   $sid,
  $ref_id,
  $role_id 
)

Definition at line 181 of file class.ilSoapRBACAdministration.php.

182 {
183 $this->initAuth($sid);
184 $this->initIlias();
185
186 if(!$this->__checkSession($sid))
187 {
188 return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
189 }
190
191 global $rbacadmin,$ilAccess;
192
193 if(!$tmp_obj =& ilObjectFactory::getInstanceByRefId($ref_id,false))
194 {
195 return $this->__raiseError('No valid ref id given. Please choose an existing reference id of an ILIAS object',
196 'Client');
197 }
198 if($tmp_role =& ilObjectFactory::getInstanceByObjId($role_id,false) and $tmp_role->getType() != 'role')
199 {
200 return $this->__raiseError('No valid role id given. Please choose an existing id of an ILIAS role',
201 'Client');
202 }
203 if ($role_id == SYSTEM_ROLE_ID)
204 {
205 return $this->__raiseError('Cannot revoke permissions of system role',
206 'Client');
207 }
208
209 if(!$ilAccess->checkAccess('edit_permission','',$ref_id))
210 {
211 return $this->__raiseError('Check access failed. No permission to revoke permissions','Server');
212 }
213
214 $rbacadmin->revokePermission($ref_id,$role_id);
215
216 return true;
217 }

References $ref_id, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectFactory\getInstanceByObjId(), ilObjectFactory\getInstanceByRefId(), ilSoapAdministration\initAuth(), and ilSoapAdministration\initIlias().

+ Here is the call graph for this function:

◆ searchRoles()

ilSoapRBACAdministration::searchRoles (   $sid,
  $key,
  $combination,
  $role_type 
)

search for roles.

Parameters
String$sid
String$searchtermscomma separated search terms
String$operatormust be or or and
String$role_typecan be empty which means "local & global", "local", "global", "user" = roles of user, "user_login" or "template"

Definition at line 689 of file class.ilSoapRBACAdministration.php.

690 {
691 $this->initAuth($sid);
692 $this->initIlias();
693
694 if(!$this->__checkSession($sid))
695 {
696 return $this->__raiseError($this->__getMessage(),$this->__getMessageCode());
697 }
698
699 global $rbacsystem, $rbacreview, $ilUser, $ilDB;
700
701
702 if (strcasecmp($role_type,"") != 0 &&
703 strcasecmp($role_type,"local") != 0 &&
704 strcasecmp($role_type,"global") != 0 &&
705 strcasecmp($role_type,"template") != 0)
706 {
707 return $this->__raiseError('Called service with wrong role_type parameter \''.$role_type.'\'','Client');
708 }
709
710 if($combination != 'and' and $combination != 'or')
711 {
712 return $this->__raiseError('No valid combination given. Must be "and" or "or".',
713 'Client');
714 }
715
716 include_once './Services/Search/classes/class.ilQueryParser.php';
717
718 $query_parser =& new ilQueryParser($key);
719 $query_parser->setMinWordLength(3);
720 $query_parser->setCombination($combination == 'and' ? QP_COMBINATION_AND : QP_COMBINATION_OR);
721 $query_parser->parse();
722 if(!$query_parser->validate())
723 {
724 return $this->__raiseError($query_parser->getMessage(), 'Client');
725 }
726
727 include_once './Services/Search/classes/class.ilObjectSearchFactory.php';
728
729 $object_search = ilObjectSearchFactory::_getObjectSearchInstance($query_parser);
730 $object_search->setFilter(array("role","rolt"));
731
732 $res = $object_search->performSearch();
733 $res->filter(ROOT_FOLDER_ID, $combination == 'and' ? true : false);
734
735 $obj_ids = array();
736 foreach($res->getUniqueResults() as $entry)
737 {
738 $obj_ids [] = $entry['obj_id'];
739 }
740
741 $roles = array();
742 if (count($obj_ids)> 0 )
743 {
744 #print_r($obj_ids);
745 $roles = $rbacreview->getRolesForIDs($obj_ids, $role_type == "template");
746 }
747 #print_r($roles);
748 include_once './webservice/soap/classes/class.ilSoapRoleObjectXMLWriter.php';
749 $xml_writer = new ilSoapRoleObjectXMLWriter();
750 $xml_writer->setObjects($roles);
751 $xml_writer->setType ($role_type);
752 if($xml_writer->start())
753 {
754 return $xml_writer->getXML();
755 }
756
757
758 }
const QP_COMBINATION_OR
const QP_COMBINATION_AND
static _getObjectSearchInstance($query_parser)
get reference of ilFulltext/LikeObjectSearch.

References $ilDB, $ilUser, $res, ilSoapAdministration\__getMessage(), ilSoapAdministration\__getMessageCode(), ilSoapAdministration\__raiseError(), ilObjectSearchFactory\_getObjectSearchInstance(), ilSoapAdministration\initAuth(), ilSoapAdministration\initIlias(), QP_COMBINATION_AND, and QP_COMBINATION_OR.

+ Here is the call graph for this function:

The documentation for this class was generated from the following file: