29 (isset($ilDB)) ? $this->
ilDB =& $ilDB : $this->
ilDB =& $ilias->db;
53 $query =
'UPDATE rbac_fa set blocked = '. $ilDB->quote($a_blocked_status,
'integer').
' '.
54 'WHERE rol_id = '.$ilDB->quote($a_role_id,
'integer').
' '.
55 'AND parent = '.$ilDB->quote($a_ref_id,
'integer');
70 if (!isset($a_usr_id))
72 $message = get_class($this).
"::removeUser(): No usr_id given!";
73 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
76 $query =
"DELETE FROM rbac_ua WHERE usr_id = ".$ilDB->quote($a_usr_id,
'integer');
93 if (!isset($a_rol_id) or !isset($a_ref_id))
95 $message = get_class($this).
"::deleteRole(): Missing parameter! role_id: ".$a_rol_id.
" ref_id of role folder: ".$a_ref_id;
96 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
100 if ($a_rol_id == SYSTEM_ROLE_ID)
102 $this->ilErr->raiseError($lng->txt(
"msg_sysrole_not_deletable"),$this->ilErr->MESSAGE);
105 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
107 $mapping->deleteRole($a_rol_id);
114 $query =
"DELETE FROM rbac_ua ".
115 "WHERE rol_id = ".$ilDB->quote($a_rol_id,
'integer');
119 $query =
"DELETE FROM rbac_pa ".
120 "WHERE rol_id = ".$ilDB->quote($a_rol_id,
'integer').
" ";
139 if (!isset($a_obj_id))
141 $message = get_class($this).
"::deleteTemplate(): No obj_id given!";
142 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
145 $query =
'DELETE FROM rbac_templates '.
146 'WHERE rol_id = '.$ilDB->quote($a_obj_id,
'integer');
149 $query =
'DELETE FROM rbac_fa '.
150 'WHERE rol_id = '.$ilDB->quote($a_obj_id,
'integer');
167 if (!isset($a_rol_id))
169 $message = get_class($this).
"::deleteLocalRole(): Missing parameter! role_id: '".$a_rol_id.
"'";
170 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
174 if ($a_rol_id == SYSTEM_ROLE_ID)
181 $clause =
'AND parent = '.$ilDB->quote($a_ref_id,
'integer').
' ';
184 $query =
'DELETE FROM rbac_fa '.
185 'WHERE rol_id = '.$ilDB->quote($a_rol_id,
'integer').
' '.
189 $query =
'DELETE FROM rbac_templates '.
190 'WHERE rol_id = '.$ilDB->quote($a_rol_id,
'integer').
' '.
212 $limit_query =
'SELECT COUNT(*) num FROM rbac_ua '.
213 'WHERE '.$GLOBALS[
'ilDB']->in(
'rol_id',(array) $a_limited_roles,FALSE,
'integer');
216 if(
$row->num >= $a_limit)
222 $query =
"INSERT INTO rbac_ua (usr_id, rol_id) ".
224 $ilDB->quote($a_usr_id,
'integer').
",".$ilDB->quote($a_role_id,
'integer').
229 $GLOBALS[
'rbacreview']->setAssignedCacheEntry($a_role_id,$a_usr_id,TRUE);
233 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
235 $mapping->assign($a_role_id,$a_usr_id);
246 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
248 foreach($role_desk_item_obj->getAll() as $item_data)
250 include_once
'./Services/User/classes/class.ilObjUser.php';
267 global
$ilDB,$rbacreview;
269 if (!isset($a_rol_id) or !isset($a_usr_id))
271 $message = get_class($this).
"::assignUser(): Missing parameter! role_id: ".$a_rol_id.
" usr_id: ".$a_usr_id;
272 #$this->ilErr->raiseError($message,$this->ilErr->WARNING); 276 $alreadyAssigned = $rbacreview->isAssigned($a_usr_id,$a_rol_id);
279 if (!$alreadyAssigned)
281 $query =
"INSERT INTO rbac_ua (usr_id, rol_id) ".
282 "VALUES (".$ilDB->quote($a_usr_id,
'integer').
",".$ilDB->quote($a_rol_id,
'integer').
")";
287 $rbacreview->setAssignedCacheEntry($a_rol_id,$a_usr_id,
true);
290 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
292 $mapping->assign($a_rol_id,$a_usr_id);
299 if(!$alreadyAssigned)
302 $GLOBALS[
'ilAppEventHandler']->raise(
303 'Services/AccessControl',
307 'usr_id' => $a_usr_id,
308 'role_id' => $a_rol_id,
325 global
$ilDB, $rbacreview;
327 if (!isset($a_rol_id) or !isset($a_usr_id))
329 $message = get_class($this).
"::deassignUser(): Missing parameter! role_id: ".$a_rol_id.
" usr_id: ".$a_usr_id;
330 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
333 $query =
"DELETE FROM rbac_ua ".
334 "WHERE usr_id = ".$ilDB->quote($a_usr_id,
'integer').
" ".
335 "AND rol_id = ".$ilDB->quote($a_rol_id,
'integer').
" ";
338 $rbacreview->setAssignedCacheEntry($a_rol_id,$a_usr_id,
false);
340 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
342 $mapping->deassign($a_rol_id,$a_usr_id);
349 $GLOBALS[
'ilAppEventHandler']->raise(
350 'Services/AccessControl',
354 'usr_id' => $a_usr_id,
355 'role_id' => $a_rol_id,
374 if (!isset($a_rol_id) or !isset($a_ops) or !isset($a_ref_id))
376 $this->ilErr->raiseError(get_class($this).
"::grantPermission(): Missing parameter! ".
377 "role_id: ".$a_rol_id.
" ref_id: ".$a_ref_id.
" operations: ",$this->ilErr->WARNING);
380 if (!is_array($a_ops))
382 $this->ilErr->raiseError(get_class($this).
"::grantPermission(): Wrong datatype for operations!",
383 $this->ilErr->WARNING);
393 if ($a_rol_id == SYSTEM_ROLE_ID)
399 foreach ($a_ops as $key => $operation)
401 $a_ops[$key] = (int) $operation;
405 $ops_ids = serialize($a_ops);
407 $query =
'DELETE FROM rbac_pa '.
408 'WHERE rol_id = %s '.
410 $res = $ilDB->queryF(
$query,array(
'integer',
'integer'),
411 array($a_rol_id,$a_ref_id));
418 $query =
"INSERT INTO rbac_pa (rol_id,ops_id,ref_id) ".
420 "(".$ilDB->quote($a_rol_id,
'integer').
",".$ilDB->quote($ops_ids,
'text').
",".$ilDB->quote($a_ref_id,
'integer').
")";
439 if (!isset($a_ref_id))
442 $message = get_class($this).
"::revokePermission(): Missing parameter! ref_id: ".$a_ref_id;
443 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
445 #$log->write("ilRBACadmin::revokePermission(), 0"); 448 if ($a_keep_protected !=
true)
451 if ($a_rol_id == SYSTEM_ROLE_ID)
458 $and1 =
" AND rol_id = ".$ilDB->quote($a_rol_id,
'integer').
" ";
465 $query =
"DELETE FROM rbac_pa ".
466 "WHERE ref_id = ".$ilDB->quote($a_ref_id,
'integer').
477 $roles_in_scope = $rbacreview->getParentRoleIds($a_ref_id);
481 #$log->write("ilRBACadmin::revokePermission(), 1"); 485 foreach ($roles_in_scope as $role)
487 if ($role[
'protected'] ==
true)
492 $role_ids[] = $role[
'obj_id'];
501 $query =
'DELETE FROM rbac_pa '.
502 'WHERE '.$ilDB->in(
'rol_id',$role_ids,
false,
'integer').
' '.
503 'AND ref_id = '.$ilDB->quote($a_ref_id,
'integer');
508 #$log->write("ilRBACadmin::revokePermission(), 2"); 510 if ($a_rol_id == SYSTEM_ROLE_ID)
516 if ($roles_in_scope[$a_rol_id][
'protected'] ==
true)
521 $query =
"DELETE FROM rbac_pa ".
522 "WHERE ref_id = ".$ilDB->quote($a_ref_id,
'integer').
" ".
523 "AND rol_id = ".$ilDB->quote($a_rol_id,
'integer').
" ";
540 $query =
'DELETE FROM rbac_pa '.
542 '( '.$GLOBALS[
'tree']->getSubTreeQuery($a_ref_id,array(
'child')).
' ) '.
543 'AND rol_id = '.$ilDB->quote($a_role_id,
'integer');
545 $ilDB->manipulate(
$query);
559 $query =
'DELETE FROM rbac_templates '.
560 'WHERE parent IN ( '.
561 $GLOBALS[
'tree']->getSubTreeQuery($a_ref_id, array(
'child')).
' ) '.
562 'AND rol_id = '.$ilDB->quote($a_rol_id,
'integer');
564 $ilDB->manipulate(
$query);
566 $query =
'DELETE FROM rbac_fa '.
567 'WHERE parent IN ( '.
568 $GLOBALS[
'tree']->getSubTreeQuery($a_ref_id,array(
'child')).
' ) '.
569 'AND rol_id = '.$ilDB->quote($a_rol_id,
'integer');
571 $ilDB->manipulate(
$query);
587 if (!isset($a_ref_ids) or !is_array($a_ref_ids))
589 $message = get_class($this).
"::revokePermissionList(): Missing parameter or parameter is not an array! reference_list: ".var_dump($a_ref_ids);
590 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
593 if (!isset($a_rol_id))
595 $message = get_class($this).
"::revokePermissionList(): Missing parameter! rol_id: ".$a_rol_id;
596 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
600 if ($a_rol_id == SYSTEM_ROLE_ID)
605 $query =
"DELETE FROM rbac_pa ".
606 "WHERE ".$ilDB->in(
'ref_id',$a_ref_ids,
false,
'integer').
' '.
607 "AND rol_id = ".$ilDB->quote($a_rol_id,
'integer');
623 public function copyRolePermissions($a_source_id,$a_source_parent,$a_dest_parent,$a_dest_id,$a_consider_protected =
true)
625 global $tree,$rbacreview;
630 $ops = $rbacreview->getRoleOperationsOnObject($a_source_id,$a_source_parent);
649 global $rbacreview,
$ilDB;
651 if (!isset($a_source_id) or !isset($a_source_parent) or !isset($a_dest_id) or !isset($a_dest_parent))
653 $message = __METHOD__.
": Missing parameter! source_id: ".$a_source_id.
654 " source_parent_id: ".$a_source_parent.
655 " dest_id : ".$a_dest_id.
656 " dest_parent_id: ".$a_dest_parent;
657 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
661 if ($a_dest_id == SYSTEM_ROLE_ID)
667 $query =
'SELECT * FROM rbac_templates '.
668 'WHERE rol_id = '.$ilDB->quote($a_source_id,
'integer').
' '.
669 'AND parent = '.$ilDB->quote($a_source_parent,
'integer');
671 $operations = array();
673 while (
$row = $ilDB->fetchObject(
$res))
675 $operations[$rownum][
'type'] =
$row->type;
676 $operations[$rownum][
'ops_id'] =
$row->ops_id;
681 $query =
'DELETE FROM rbac_templates WHERE rol_id = '.$ilDB->quote($a_dest_id,
'integer').
' '.
682 'AND parent = '.$ilDB->quote($a_dest_parent,
'integer');
685 foreach($operations as
$row => $op)
687 $query =
'INSERT INTO rbac_templates (rol_id,type,ops_id,parent) '.
689 $ilDB->quote($a_dest_id,
'integer').
",".
690 $ilDB->quote($op[
'type'],
'text').
",".
691 $ilDB->quote($op[
'ops_id'],
'integer').
",".
692 $ilDB->quote($a_dest_parent,
'integer').
")";
693 $ilDB->manipulate(
$query);
697 if ($a_consider_protected ==
true)
699 if ($rbacreview->isProtected($a_source_parent,$a_source_id))
722 global $rbacreview,
$ilDB;
724 if (!isset($a_source1_id) or !isset($a_source1_parent)
725 or !isset($a_source2_id) or !isset($a_source2_parent)
726 or !isset($a_dest_id) or !isset($a_dest_parent))
728 $message = get_class($this).
"::copyRolePermissionIntersection(): Missing parameter! source1_id: ".$a_source1_id.
729 " source1_parent: ".$a_source1_parent.
730 " source2_id: ".$a_source2_id.
731 " source2_parent: ".$a_source2_parent.
732 " dest_id: ".$a_dest_id.
733 " dest_parent_id: ".$a_dest_parent;
734 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
738 if ($a_dest_id == SYSTEM_ROLE_ID)
743 if ($rbacreview->isProtected($a_source2_parent,$a_source2_id))
745 $GLOBALS[
'ilLog']->write(__METHOD__.
': Role is protected');
749 $query =
"SELECT s1.type, s1.ops_id ".
750 "FROM rbac_templates s1, rbac_templates s2 ".
751 "WHERE s1.rol_id = ".$ilDB->quote($a_source1_id,
'integer').
" ".
752 "AND s1.parent = ".$ilDB->quote($a_source1_parent,
'integer').
" ".
753 "AND s2.rol_id = ".$ilDB->quote($a_source2_id,
'integer').
" ".
754 "AND s2.parent = ".$ilDB->quote($a_source2_parent,
'integer').
" ".
755 "AND s1.type = s2.type ".
756 "AND s1.ops_id = s2.ops_id";
758 $operations = array();
762 $operations[$rowNum][
'type'] =
$row->type;
763 $operations[$rowNum][
'ops_id'] =
$row->ops_id;
769 $query =
'DELETE FROM rbac_templates WHERE rol_id = '.$ilDB->quote($a_dest_id,
'integer').
' '.
770 'AND parent = '.$ilDB->quote($a_dest_parent,
'integer');
773 $query =
'INSERT INTO rbac_templates (rol_id,type,ops_id,parent) '.
775 $sta = $ilDB->prepareManip(
$query,array(
'integer',
'text',
'integer',
'integer'));
776 foreach($operations as $key => $set)
778 $ilDB->execute($sta,array(
806 global
$ilDB, $rbacreview;
809 $s1_ops = $rbacreview->getAllOperationsOfRole($a_source1_id,$a_source1_parent);
810 $s2_ops = $rbacreview->getAlloperationsOfRole($a_source2_id,$a_source2_parent);
814 $GLOBALS[
'ilLog']->write(__METHOD__.
': '.print_r($s1_ops,TRUE));
815 $GLOBALS[
'ilLog']->write(__METHOD__.
': '.print_r($s2_ops,TRUE));
817 foreach($s1_ops as $type => $ops)
823 $query =
'INSERT INTO rbac_templates (rol_id,type,ops_id,parent) '.
825 $ilDB->quote($a_dest_id,
'integer').
', '.
826 $ilDB->quote($type,
'text').
', '.
827 $ilDB->quote($op,
'integer').
', '.
828 $ilDB->quote($a_dest_parent,
'integer').
' '.
830 $ilDB->manipulate(
$query);
835 foreach($s2_ops as $type => $ops)
839 if(!isset($s1_ops[$type]) or !in_array($op, $s1_ops[$type]))
841 $query =
'INSERT INTO rbac_templates (rol_id,type,ops_id,parent) '.
843 $ilDB->quote($a_dest_id,
'integer').
', '.
844 $ilDB->quote($type,
'text').
', '.
845 $ilDB->quote($op,
'integer').
', '.
846 $ilDB->quote($a_dest_parent,
'integer').
' '.
848 $ilDB->manipulate(
$query);
865 global $rbacreview,
$ilDB;
867 $s1_ops = $rbacreview->getAllOperationsOfRole($a_source_id,$a_source_parent);
868 $d_ops = $rbacreview->getAllOperationsOfRole($a_dest_id,$a_dest_parent);
870 foreach($s1_ops as $type => $ops)
874 if(isset($d_ops[$type]) and in_array($op, $d_ops[$type]))
876 $query =
'DELETE FROM rbac_templates '.
877 'WHERE rol_id = '.$ilDB->quote($a_dest_id,
'integer').
' '.
878 'AND type = '.$ilDB->quote($type,
'text').
' '.
879 'AND ops_id = '.$ilDB->quote($op,
'integer').
' '.
880 'AND parent = '.$ilDB->quote($a_dest_parent,
'integer');
881 $ilDB->manipulate(
$query);
903 if (!isset($a_rol_id) or !isset($a_ref_id))
905 $message = get_class($this).
"::deleteRolePermission(): Missing parameter! role_id: ".$a_rol_id.
" ref_id: ".$a_ref_id;
906 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
910 if ($a_rol_id == SYSTEM_ROLE_ID)
915 if ($a_type !==
false)
917 $and_type =
" AND type=".$ilDB->quote($a_type,
'text').
" ";
920 $query =
'DELETE FROM rbac_templates '.
921 'WHERE rol_id = '.$ilDB->quote($a_rol_id,
'integer').
' '.
922 'AND parent = '.$ilDB->quote($a_ref_id,
'integer').
' '.
944 if (!isset($a_rol_id) or !isset($a_type) or !isset($a_ops) or !isset($a_ref_id))
946 $message = get_class($this).
"::setRolePermission(): Missing parameter!".
947 " role_id: ".$a_rol_id.
949 " operations: ".$a_ops.
950 " ref_id: ".$a_ref_id;
951 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
954 if (!is_string($a_type) or empty($a_type))
956 $message = get_class($this).
"::setRolePermission(): a_type is no string or empty!";
957 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
960 if (!is_array($a_ops) or empty($a_ops))
962 $message = get_class($this).
"::setRolePermission(): a_ops is no array or empty!";
963 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
967 if ($a_rol_id == SYSTEM_ROLE_ID)
972 $query =
'INSERT INTO rbac_templates (rol_id,type,ops_id,parent) '.
974 $sta = $ilDB->prepareManip(
$query,array(
'integer',
'text',
'integer',
'integer'));
975 foreach ($a_ops as $op)
977 $res = $ilDB->execute($sta,array(
1003 global
$ilDB,$rbacreview;
1005 if (!isset($a_rol_id) or !isset($a_parent))
1007 $message = get_class($this).
"::assignRoleToFolder(): Missing Parameter!".
1008 " role_id: ".$a_rol_id.
1009 " parent_id: ".$a_parent.
1010 " assign: ".$a_assign;
1011 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1015 if ($a_rol_id == SYSTEM_ROLE_ID)
1021 if ($a_assign !=
"y")
1028 $query = sprintf(
'INSERT INTO rbac_fa (rol_id, parent, assign, protected) '.
1029 'VALUES (%s,%s,%s,%s)',
1030 $ilDB->quote($a_rol_id,
'integer'),
1031 $ilDB->quote($a_parent,
'integer'),
1032 $ilDB->quote($a_assign,
'text'),
1033 $ilDB->quote(
'n',
'text'));
1051 if (!isset($a_type_id) or !isset($a_ops_id))
1053 $message = get_class($this).
"::assignOperationToObject(): Missing parameter!".
1054 "type_id: ".$a_type_id.
1055 "ops_id: ".$a_ops_id;
1056 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1059 $query =
"INSERT INTO rbac_ta (typ_id, ops_id) ".
1060 "VALUES(".$ilDB->quote($a_type_id,
'integer').
",".$ilDB->quote($a_ops_id,
'integer').
")";
1077 if (!isset($a_type_id) or !isset($a_ops_id))
1079 $message = get_class($this).
"::deassignPermissionFromObject(): Missing parameter!".
1080 "type_id: ".$a_type_id.
1081 "ops_id: ".$a_ops_id;
1082 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1085 $query =
"DELETE FROM rbac_ta ".
1086 "WHERE typ_id = ".$ilDB->quote($a_type_id,
'integer').
" ".
1087 "AND ops_id = ".$ilDB->quote($a_ops_id,
'integer');
1107 $query =
'UPDATE rbac_fa '.
1108 'SET protected = '.$ilDB->quote($a_value,
'text').
' '.
1109 'WHERE rol_id = '.$ilDB->quote($a_role_id,
'integer');
1126 global $rbacreview,
$ilLog,$ilObjDataCache;
1128 $real_local = array();
1129 foreach($rbacreview->getRolesOfRoleFolder($a_source_id,
false) as $role_data)
1131 $title = $ilObjDataCache->lookupTitle($role_data);
1132 if(substr($title,0,3) ==
'il_')
1136 $real_local[] = $role_data;
1138 if(!count($real_local))
1143 foreach($real_local as $role)
1145 include_once (
"./Services/AccessControl/classes/class.ilObjRole.php");
1149 $ilLog->write(__METHOD__.
': Start copying of role '.$orig->getTitle());
1151 $roleObj->setTitle($orig->getTitle());
1152 $roleObj->setDescription($orig->getDescription());
1153 $roleObj->setImportId($orig->getImportId());
1158 $ilLog->write(__METHOD__.
': Added new local role, id '.$roleObj->getId());
1177 if($rbacreview->isProtected($a_role_parent, $a_role_id))
1180 $new_ops = $rbacreview->getOperationsOfRole(
1216 $new_ops = $rbacreview->getOperationsOfRole(
1241 include_once
'./Services/DidacticTemplate/classes/class.ilDidacticTemplateObjSettings.php';
1246 include_once
'./Services/DidacticTemplate/classes/class.ilDidacticTemplateActionFactory.php';
1251 $action->setRefId($a_ref_id);
1271 global $rbacreview,$tree,
$ilLog;
1273 $new_parent = $tree->getParentId($a_ref_id);
1274 $old_context_roles = $rbacreview->getParentRoleIds($a_old_parent,
false);
1275 $new_context_roles = $rbacreview->getParentRoleIds($new_parent,
false);
1277 $for_addition = $for_deletion = array();
1278 foreach($new_context_roles as $new_role_id => $new_role)
1280 if(!isset($old_context_roles[$new_role_id]))
1282 $for_addition[$new_role_id] = $new_role;
1284 elseif($new_role[
'parent'] != $old_context_roles[$new_role_id][
'parent'])
1287 $for_deletion[$new_role_id] = $new_role;
1288 $for_addition[$new_role_id] = $new_role;
1291 foreach($old_context_roles as $old_role_id => $old_role)
1293 if(!isset($new_context_roles[$old_role_id]))
1295 $for_deletion[$old_role_id] = $old_role;
1299 if(!count($for_deletion) and !count($for_addition))
1305 include_once
"Services/AccessControl/classes/class.ilRbacLog.php";
1307 if($rbac_log_active)
1309 $role_ids = array_unique(array_merge(array_keys($for_deletion), array_keys($for_addition)));
1312 foreach($nodes = $tree->getSubTree($tree->getNodeData($a_ref_id),
true) as $node_data)
1314 $node_id = $node_data[
'child'];
1316 if($rbac_log_active)
1324 if(!$node_data[
'type'])
1326 $ilLog->write(__METHOD__.
': No type give. Choosing next tree entry.');
1332 $ilLog->write(__METHOD__.
': Missing subtree node_id');
1336 foreach($for_deletion as $role_id => $role_data)
1342 foreach($for_addition as $role_id => $role_data)
1344 switch($node_data[
'type'])
1347 include_once
'./Modules/Group/classes/class.ilObjGroup.php';
1350 $node_data[
'child'],
1352 $role_data[
'parent'],
1359 include_once
'./Modules/Course/classes/class.ilObjCourse.php';
1362 $node_data[
'child'],
1364 $role_data[
'parent'],
1374 $ops = $rbacreview->getOperationsOfRole($role_id,$node_data[
'type'],$role_data[
'parent']),
1385 if($rbac_log_active)
1408 $parent_roles = $rbacreview->getParentRoleIds($a_source_ref_id, FALSE);
1409 $GLOBALS[
'ilLog']->write(__METHOD__.
': '. print_r($parent_roles,TRUE));
static lookupTemplateId($a_ref_id)
Lookup template id ilDB $ilDB.
static lookupGroupStatusTemplateId($a_obj_id)
$ilDB $ilDB
applyMovedObjectDidacticTemplates($a_ref_id, $a_old_parent)
Apply didactic templates after object movement.
removeUser($a_usr_id)
deletes a user from rbac_ua all user <-> role relations are deleted public
deleteRolePermission($a_rol_id, $a_ref_id, $a_type=false)
Deletes all entries of a template.
const PEAR_ERROR_CALLBACK
deassignOperationFromObject($a_type_id, $a_ops_id)
Deassign an existing operation from an object Update of rbac_ta public.
static lookupCourseNonMemberTemplatesId()
Lookup course non member id.
revokeSubtreePermissions($a_ref_id, $a_role_id)
Revoke subtree permissions.
setBlockedStatus($a_role_id, $a_ref_id, $a_blocked_status)
Set blocked status.
adjustMovedObjectPermissions($a_ref_id, $a_old_parent)
Adjust permissions of moved objects.
copyRolePermissionUnion( $a_source1_id, $a_source1_parent, $a_source2_id, $a_source2_parent, $a_dest_id, $a_dest_parent)
<type> $ilDB
deleteSubtreeTemplates($a_ref_id, $a_rol_id)
Delete all template permissions of subtree nodes.
assignUser($a_rol_id, $a_usr_id)
Assigns an user to a role.
setRolePermission($a_rol_id, $a_type, $a_ops, $a_ref_id)
Inserts template permissions in rbac_templates for an specific object type.
copyRoleTemplatePermissions($a_source_id, $a_source_parent, $a_dest_parent, $a_dest_id, $a_consider_protected=true)
Copies template permissions of one role to another.
static gatherFaPa($a_ref_id, array $a_role_ids, $a_add_action=false)
static diffFaPa(array $a_old, array $a_new)
const DB_FETCHMODE_OBJECT
deassignUser($a_rol_id, $a_usr_id)
Deassigns a user from a role.
copyEffectiveRolePermissions($a_source_ref_id, $target_ref_id, $a_subtree_id)
Copies all permission from source to target for all roles.
deleteLocalRole($a_rol_id, $a_ref_id=0)
Deletes a local role and entries in rbac_fa and rbac_templates public.
static _getInstance()
Get singleton instance of this class.
initIntersectionPermissions($a_ref_id, $a_role_id, $a_role_parent, $a_template_id, $a_template_parent)
Init intersection permissions.
assignUserLimited($a_role_id, $a_usr_id, $a_limit, $a_limited_roles=array())
Assign user limited.
addDesktopItem($a_rol_id, $a_usr_id)
Add desktop item.
setProtected($a_ref_id, $a_role_id, $a_value)
Set protected $ilDB.
copyLocalRoles($a_source_id, $a_target_id)
Copy local roles This method creates a copy of all local role.
static _lookupObjId($a_id)
copyRolePermissionIntersection($a_source1_id, $a_source1_parent, $a_source2_id, $a_source2_parent, $a_dest_parent, $a_dest_id)
Copies the intersection of the template permissions of two roles to a third role. ...
grantPermission($a_rol_id, $a_ops, $a_ref_id)
Grants a permission to an object and a specific role.
revokePermissionList($a_ref_ids, $a_rol_id)
Revokes permissions of a LIST of objects of ONE role.
static _lookupType($a_id, $a_reference=false)
lookup object type
copyRolePermissionSubtract($a_source_id, $a_source_parent, $a_dest_id, $a_dest_parent)
Subtract role permissions.
__construct()
Constructor public.
copyRolePermissions($a_source_id, $a_source_parent, $a_dest_parent, $a_dest_id, $a_consider_protected=true)
Copies template permissions and permission of one role to another.
deleteRole($a_rol_id, $a_ref_id)
Deletes a role and deletes entries in object_data, rbac_pa, rbac_templates, rbac_ua, rbac_fa public.
if(!file_exists(getcwd().'/ilias.ini.php')) if(isset( $_GET["client_id"]))
registration confirmation script for ilias
static _addDesktopItem($a_usr_id, $a_item_id, $a_type, $a_par="")
add an item to user's personal desktop
represents a creation of local roles action
assignOperationToObject($a_type_id, $a_ops_id)
Assign an existing operation to an object Update of rbac_ta.
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
revokePermission($a_ref_id, $a_rol_id=0, $a_keep_protected=true)
Revokes permissions of an object of one role.
deleteTemplate($a_obj_id)
Deletes a template from role folder and deletes all entries in rbac_templates, rbac_fa public...
static getLogger($a_component_id)
Get component logger.
Class ilRbacAdmin Core functions for role based access control.
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
assignRoleToFolder($a_rol_id, $a_parent, $a_assign="y")
Assigns a role to an role folder A role folder is an object to store roles.
static getActionsByTemplateId($a_tpl_id)
Get actions of one template.