ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes | Static Protected Attributes | Static Private Attributes
ilRbacReview Class Reference
Services/AccessControl

class ilRbacReview Contains Review functions of core Rbac. More...

+ Collaboration diagram for ilRbacReview:

Public Member Functions

 __construct ()
 Constructor @access public. More...
 
 roleExists ($a_title, $a_id=0)
 Checks if a role already exists. More...
 
 getParentRoleIds ($a_endnode_id, $a_templates=false)
 get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates @access public More...
 
 getRoleListByObject ($a_ref_id, $a_templates=false)
 Returns a list of roles in an container @access public. More...
 
 getAssignableRoles ($a_templates=false, $a_internal_roles=false, $title_filter='')
 Returns a list of all assignable roles @access public. More...
 
 getAssignableRolesInSubtree ($ref_id)
 Returns a list of assignable roles in a subtree of the repository @access public. More...
 
 getAssignableChildRoles ($a_ref_id)
 Get all assignable roles directly under a specific node @access public. More...
 
 getNumberOfAssignedUsers (Array $a_roles)
 Get the number of assigned users to roles @global ilDB $ilDB. More...
 
 assignedUsers ($a_rol_id)
 get all assigned users to a given role @access public More...
 
 isAssigned ($a_usr_id, $a_role_id)
 check if a specific user is assigned to specific role @access public More...
 
 isAssignedToAtLeastOneGivenRole ($a_usr_id, $a_role_ids)
 check if a specific user is assigned to at least one of the given role ids. More...
 
 assignedRoles ($a_usr_id)
 get all assigned roles to a given user @access public More...
 
 assignedGlobalRoles ($a_usr_id)
 Get assigned global roles for an user. More...
 
 isAssignable ($a_rol_id, $a_ref_id)
 Check if its possible to assign users @access public. More...
 
 hasMultipleAssignments ($a_role_id)
 Temporary bugfix. More...
 
 getFoldersAssignedToRole ($a_rol_id, $a_assignable=false)
 Returns an array of objects assigned to a role. More...
 
 getRolesOfObject ($a_ref_id, $a_assignable_only=FALSE)
 Get roles of object. More...
 
 getRolesOfRoleFolder ($a_ref_id, $a_nonassignable=true)
 get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids @access public More...
 
 getGlobalRoles ()
 get only 'global' roles @access public More...
 
 getLocalRoles ($a_ref_id)
 Get local roles of object. More...
 
 getLocalPolicies ($a_ref_id)
 Get all roles with local policies. More...
 
 getGlobalRolesArray ()
 get only 'global' roles @access public More...
 
 getGlobalAssignableRoles ()
 get only 'global' roles (with flag 'assign_users') @access public More...
 
 isRoleAssignedToObject ($a_role_id, $a_parent_id)
 Check if role is assigned to an object. More...
 
 getOperations ()
 get all possible operations @access public More...
 
 getOperation ($ops_id)
 get one operation by operation id @access public More...
 
 getAllOperationsOfRole ($a_rol_id, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public More...
 
 getActiveOperationsOfRole ($a_ref_id, $a_role_id)
 Get active operations for a role. More...
 
 getOperationsOfRole ($a_rol_id, $a_type, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public More...
 
 getRoleOperationsOnObject ($a_role_id, $a_ref_id)
 @global ilDB $ilDB More...
 
 getOperationsOnType ($a_typ_id)
 all possible operations of a type @access public More...
 
 getOperationsOnTypeString ($a_type)
 all possible operations of a type @access public More...
 
 getOperationsByTypeAndClass ($a_type, $a_class)
 Get operations by type and class. More...
 
 getObjectsWithStopedInheritance ($a_rol_id, $a_filter=array())
 get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder. More...
 
 isDeleted ($a_node_id)
 Checks if a rolefolder is set as deleted (negative tree_id) @access public. More...
 
 isGlobalRole ($a_role_id)
 Check if role is a global role. More...
 
 getRolesByFilter ($a_filter=0, $a_user_id=0, $title_filter='')
 @global ilDB $ilDB More...
 
 getTypeId ($a_type)
 Get type id of object @global ilDB $ilDB. More...
 
 isProtected ($a_ref_id, $a_role_id)
 
 isBlockedAtPosition ($a_role_id, $a_ref_id)
 Check if role is blocked at position @global ilDB $ilDB. More...
 
 isBlockedInUpperContext ($a_role_id, $a_ref_id)
 Check if role is blocked in upper context. More...
 
 getObjectOfRole ($a_role_id)
 Get object id of objects a role is assigned to. More...
 
 getObjectReferenceOfRole ($a_role_id)
 Get reference of role. More...
 
 isRoleDeleted ($a_role_id)
 return if role is only attached to deleted role folders More...
 
 getRolesForIDs ($role_ids, $use_templates)
 @global ilDB $ilDB More...
 
 getOperationAssignment ()
 get operation assignments More...
 
 isDeleteable ($a_role_id, $a_rolf_id)
 Check if role is deleteable at a specific position. More...
 
 isSystemGeneratedRole ($a_role_id)
 Check if the role is system generate role or role template. More...
 
 getRoleFolderOfRole ($a_role_id)
 Get role folder of role @global ilDB $ilDB. More...
 
 getUserPermissionsOnObject ($a_user_id, $a_ref_id)
 Get all user permissions on an object. More...
 
 setAssignedCacheEntry ($a_role_id, $a_user_id, $a_value)
 set entry of assigned_chache More...
 
 getAssignedCacheEntry ($a_role_id, $a_user_id)
 get entry of assigned_chache More...
 
 clearCaches ()
 Clear assigned users caches. More...
 

Static Public Member Functions

static _getOperationIdsByName ($operations)
 get ops_id's by name. More...
 
static _getOperationIdByName ($a_operation)
 get operation id by name of operation @access public @access static More...
 
static lookupCreateOperationIds ($a_type_arr)
 Lookup operation ids. More...
 
static _getOperationList ($a_type=null)
 get operation list by object type @access public @access static More...
 
static _groupOperationsByClass ($a_ops_arr)
 

Data Fields

const FILTER_ALL = 1
 
const FILTER_ALL_GLOBAL = 2
 
const FILTER_ALL_LOCAL = 3
 
const FILTER_INTERNAL = 4
 
const FILTER_NOT_INTERNAL = 5
 
const FILTER_TEMPLATES = 6
 

Protected Member Functions

 __getParentRoles ($a_path, $a_templates)
 Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan. More...
 
 __setTemplateFilter ($a_templates)
 get roles and templates or only roles; returns string for where clause @access private More...
 
 __setRoleType ($a_role_list)
 computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates More...
 
 __setProtectedStatus ($a_parent_roles, $a_role_hierarchy, $a_ref_id)
 Set protected status @global type $rbacsystem @global type $ilUser @global type $log. More...
 

Protected Attributes

 $log
 

Static Protected Attributes

static $assigned_users_cache = array()
 
static $is_assigned_cache = array()
 

Static Private Attributes

static $_opsCache = null
 

Detailed Description

class ilRbacReview Contains Review functions of core Rbac.

This class offers the possibility to view the contents of the user <-> role (UR) relation and the permission <-> role (PR) relation. For example, from the UA relation the administrator should have the facility to view all user assigned to a given role.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Sascha Hofmann sasch.nosp@m.ahof.nosp@m.mann@.nosp@m.gmx..nosp@m.de
Version
$Id$

Definition at line 19 of file class.ilRbacReview.php.

Constructor & Destructor Documentation

◆ __construct()

ilRbacReview::__construct ( )

Constructor @access public.

Definition at line 50 of file class.ilRbacReview.php.

51 {
52 global $ilDB,$ilErr,$ilias;
53
54 $this->log = ilLoggerFactory::getLogger('ac');
55
56 // set db & error handler
57 (isset($ilDB)) ? $this->ilDB =& $ilDB : $this->ilDB =& $ilias->db;
58
59 if (!isset($ilErr))
60 {
61 $ilErr = new ilErrorHandling();
62 $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK,array($ilErr,'errorHandler'));
63 }
64 else
65 {
66 $this->ilErr =& $ilErr;
67 }
68 }
PEAR_ERROR_CALLBACK
const PEAR_ERROR_CALLBACK
Definition: PEAR.php:35
if
PHPExcel root directory.
Definition: PHPExcel.php:30
ilDB
Database Wrapper.
Definition: class.ilDB.php:30
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:82
$ilErr
global $ilErr
Definition: raiseError.php:16
$ilDB
global $ilDB
Definition: storeScorm2004.php:19

References $ilDB, $ilErr, ilLoggerFactory\getLogger(), and PEAR_ERROR_CALLBACK.

+ Here is the call graph for this function:

Member Function Documentation

◆ __getParentRoles()

ilRbacReview::__getParentRoles (   $a_path,
  $a_templates 
)
protected

Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan.

Get parent roles in a path. If last parameter is set 'true' it delivers also all templates in the path @access protected

Parameters
arrayarray with path_ids
booleantrue for role templates (default: false)
Returns
array array with all parent roles (obj_ids)
Todo:
refactor rolf => DONE

Definition at line 116 of file class.ilRbacReview.php.

117 {
118 if (!isset($a_path) or !is_array($a_path))
119 {
120 $message = get_class($this)."::getParentRoles(): No path given or wrong datatype!";
121 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
122 }
123
124 $parent_roles = array();
125 $role_hierarchy = array();
126
127 foreach($a_path as $ref_id)
128 {
129 $roles = $this->getRoleListByObject($ref_id,$a_templates);
130 foreach($roles as $role)
131 {
132 $id = $role["obj_id"];
133 $role["parent"] = $ref_id;
134 $parent_roles[$id] = $role;
135
136 if (!array_key_exists($role['obj_id'],$role_hierarchy))
137 {
138 $role_hierarchy[$id] = $ref_id;
139 }
140 }
141 }
142 return $this->__setProtectedStatus($parent_roles,$role_hierarchy,reset($a_path));
143 }
ilRbacReview\__setProtectedStatus
__setProtectedStatus($a_parent_roles, $a_role_hierarchy, $a_ref_id)
Set protected status @global type $rbacsystem @global type $ilUser @global type $log.
Definition: class.ilRbacReview.php:1471
ilRbacReview\getRoleListByObject
getRoleListByObject($a_ref_id, $a_templates=false)
Returns a list of roles in an container @access public.
Definition: class.ilRbacReview.php:185
$ref_id
$ref_id
Definition: sahs_server.php:39

References $ref_id, __setProtectedStatus(), and getRoleListByObject().

Referenced by getParentRoleIds().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setProtectedStatus()

ilRbacReview::__setProtectedStatus (   $a_parent_roles,
  $a_role_hierarchy,
  $a_ref_id 
)
protected

Set protected status @global type $rbacsystem @global type $ilUser @global type $log.

Parameters
type$a_parent_roles
type$a_role_hierarchy
type$a_ref_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1471 of file class.ilRbacReview.php.

1472 {
1473 //vd('refId',$a_ref_id,'parent roles',$a_parent_roles,'role-hierarchy',$a_role_hierarchy);
1474
1475 global $rbacsystem,$ilUser,$log;
1476
1477 if (in_array(SYSTEM_ROLE_ID,$this->assignedRoles($ilUser->getId())))
1478 {
1479 $leveladmin = true;
1480 }
1481 else
1482 {
1483 $leveladmin = false;
1484 }
1485 #vd("RoleHierarchy",$a_role_hierarchy);
1486 foreach ($a_role_hierarchy as $role_id => $rolf_id)
1487 {
1488 //$log->write("ilRBACreview::__setProtectedStatus(), 0");
1489 #echo "<br/>ROLF: ".$rolf_id." ROLE_ID: ".$role_id." (".$a_parent_roles[$role_id]['title'].") ";
1490 //var_dump($leveladmin,$a_parent_roles[$role_id]['protected']);
1491
1492 if ($leveladmin == true)
1493 {
1494 $a_parent_roles[$role_id]['protected'] = false;
1495 continue;
1496 }
1497
1498 if ($a_parent_roles[$role_id]['protected'] == true)
1499 {
1500 $arr_lvl_roles_user = array_intersect($this->assignedRoles($ilUser->getId()),array_keys($a_role_hierarchy,$rolf_id));
1501
1502 #vd("intersection",$arr_lvl_roles_user);
1503
1504 foreach ($arr_lvl_roles_user as $lvl_role_id)
1505 {
1506 #echo "<br/>level_role: ".$lvl_role_id;
1507 #echo "<br/>a_ref_id: ".$a_ref_id;
1508
1509 //$log->write("ilRBACreview::__setProtectedStatus(), 1");
1510 // check if role grants 'edit_permission' to parent
1511 $rolf = $a_parent_roles[$role_id]['parent'];
1512 #$parent_obj = $GLOBALS['tree']->getParentId($rolf);
1513 if ($rbacsystem->checkPermission($rolf,$lvl_role_id,'edit_permission'))
1514 {
1515 #echo "<br />Permission granted";
1516 //$log->write("ilRBACreview::__setProtectedStatus(), 2");
1517 // user may change permissions of that higher-ranked role
1518 $a_parent_roles[$role_id]['protected'] = false;
1519
1520 // remember successful check
1521 //$leveladmin = true;
1522 }
1523 }
1524 }
1525 }
1526 return $a_parent_roles;
1527 }
ilRbacReview\assignedRoles
assignedRoles($a_usr_id)
get all assigned roles to a given user @access public
Definition: class.ilRbacReview.php:510
$ilUser
$ilUser
Definition: imgupload.php:18

References $ilUser, $log, and assignedRoles().

Referenced by __getParentRoles().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setRoleType()

ilRbacReview::__setRoleType (   $a_role_list)
protected

computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates

@access private

Parameters
arrayrole list
Returns
array role list with additional entry for role_type
Todo:
refactor rolf => DONE

Definition at line 354 of file class.ilRbacReview.php.

355 {
356 foreach ($a_role_list as $key => $val)
357 {
358 // determine role type
359 if ($val["type"] == "rolt")
360 {
361 $a_role_list[$key]["role_type"] = "template";
362 }
363 else
364 {
365 if ($val["assign"] == "y")
366 {
367 if ($val["parent"] == ROLE_FOLDER_ID)
368 {
369 $a_role_list[$key]["role_type"] = "global";
370 }
371 else
372 {
373 $a_role_list[$key]["role_type"] = "local";
374 }
375 }
376 else
377 {
378 $a_role_list[$key]["role_type"] = "linked";
379 }
380 }
381
382 if ($val["protected"] == "y")
383 {
384 $a_role_list[$key]["protected"] = true;
385 }
386 else
387 {
388 $a_role_list[$key]["protected"] = false;
389 }
390 }
391
392 return $a_role_list;
393 }

Referenced by getAssignableRoles(), getRoleListByObject(), getRolesByFilter(), and getRolesForIDs().

+ Here is the caller graph for this function:

◆ __setTemplateFilter()

ilRbacReview::__setTemplateFilter (   $a_templates)
protected

get roles and templates or only roles; returns string for where clause @access private

Parameters
booleantrue: with templates
Returns
string where clause
Todo:
refactor rolf => DONE

Definition at line 326 of file class.ilRbacReview.php.

327 {
328 global $ilDB;
329
330 if ($a_templates === true)
331 {
332 $where = "WHERE ".$ilDB->in('object_data.type',array('role','rolt'),false,'text')." ";
333 }
334 else
335 {
336 $where = "WHERE ".$ilDB->in('object_data.type',array('role'),false,'text')." ";
337 }
338
339 return $where;
340 }

References $ilDB.

Referenced by getAssignableRoles(), getRoleListByObject(), and getRolesForIDs().

+ Here is the caller graph for this function:

◆ _getOperationIdByName()

static ilRbacReview::_getOperationIdByName (   $a_operation)
static

get operation id by name of operation @access public @access static

Parameters
stringoperation name
Returns
integer operation id
Todo:
refactor rolf => DONE

Definition at line 1312 of file class.ilRbacReview.php.

1313 {
1314 global $ilDB,$ilErr;
1315
1316 if (!isset($a_operation))
1317 {
1318 $message = "perm::getOperationId(): No operation given!";
1319 $ilErr->raiseError($message,$ilErr->WARNING);
1320 }
1321
1322 // Cache operation ids
1323 if (! is_array(self::$_opsCache)) {
1324 self::$_opsCache = array();
1325
1326 $q = "SELECT ops_id, operation FROM rbac_operations";
1327 $r = $ilDB->query($q);
1328 while ($row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1329 {
1330 self::$_opsCache[$row->operation] = $row->ops_id;
1331 }
1332 }
1333
1334 // Get operation ID by name from cache
1335 if (array_key_exists($a_operation, self::$_opsCache)) {
1336 return self::$_opsCache[$a_operation];
1337 }
1338 return null;
1339 }
$r
$r
Definition: example_031.php:79

References $ilDB, $ilErr, $r, $row, and ilDBConstants\FETCHMODE_OBJECT.

Referenced by ilRepositoryObjectPlugin\beforeActivation(), ilRbacSystem\checkAccessOfUser(), and ilObjBlog\getRolesWithContributeOrRedact().

+ Here is the caller graph for this function:

◆ _getOperationIdsByName()

static ilRbacReview::_getOperationIdsByName (   $operations)
static

get ops_id's by name.

Example usage: $rbacadmin->grantPermission($roles,ilRbacReview::_getOperationIdsByName(array('visible','read'),$ref_id));

@access public

Parameters
arraystring name of operation. see rbac_operations
Returns
array integer ops_id's
Todo:
refactor rolf => DONE

Definition at line 1284 of file class.ilRbacReview.php.

1285 {
1286 global $ilDB;
1287
1288 if(!count($operations))
1289 {
1290 return array();
1291 }
1292
1293 $query = 'SELECT ops_id FROM rbac_operations '.
1294 'WHERE '.$ilDB->in('operation',$operations,false,'text');
1295
1296 $res = $ilDB->query($query);
1297 while($row = $ilDB->fetchObject($res))
1298 {
1299 $ops_ids[] = $row->ops_id;
1300 }
1301 return $ops_ids ? $ops_ids : array();
1302 }

References $ilDB, $query, $res, and $row.

Referenced by ilUtil\_getObjectsByOperations(), ilLicense\getPotentialAccesses(), and ilECSObjectSettings\handlePermissionUpdate().

+ Here is the caller graph for this function:

◆ _getOperationList()

static ilRbacReview::_getOperationList (   $a_type = null)
static

get operation list by object type @access public @access static

Parameters
stringobject type you want to have the operation list
stringorder column
stringorder direction (possible values: ASC or DESC)
Returns
array returns array of operations
Todo:
refactor rolf => DONE

Definition at line 1539 of file class.ilRbacReview.php.

1540 {
1541 global $ilDB;
1542
1543 $arr = array();
1544
1545 if ($a_type)
1546 {
1547 $query = sprintf('SELECT * FROM rbac_operations '.
1548 'JOIN rbac_ta ON rbac_operations.ops_id = rbac_ta.ops_id '.
1549 'JOIN object_data ON rbac_ta.typ_id = object_data.obj_id '.
1550 'WHERE object_data.title = %s '.
1551 'AND object_data.type = %s '.
1552 'ORDER BY op_order ASC',
1553 $ilDB->quote($a_type,'text'),
1554 $ilDB->quote('typ','text'));
1555 }
1556 else
1557 {
1558 $query = 'SELECT * FROM rbac_operations ORDER BY op_order ASC';
1559 }
1560 $res = $ilDB->query($query);
1561 while ($row = $ilDB->fetchAssoc($res))
1562 {
1563 $arr[] = array(
1564 "ops_id" => $row['ops_id'],
1565 "operation" => $row['operation'],
1566 "desc" => $row['description'],
1567 "class" => $row['class'],
1568 "order" => $row['op_order']
1569 );
1570 }
1571 return $arr;
1572 }
sprintf
sprintf('%.4f', $callTime)
Definition: 01pharSimple.php:87
$a_type
$a_type
Definition: workflow.php:93

References $a_type, $ilDB, $query, $res, $row, and sprintf.

Referenced by ilSettingsPermissionGUI\__construct(), ilObjTypeDefinitionGUI\editObject(), ilObjectPermissionStatusGUI\getAccessPermissionTableData(), ilObjectPermissionStatusGUI\getAssignedValidRoles(), ilObjRoleTemplateGUI\permObject(), and ilObjTypeDefinitionGUI\viewObject().

+ Here is the caller graph for this function:

◆ _groupOperationsByClass()

static ilRbacReview::_groupOperationsByClass (   $a_ops_arr)
static
Parameters
type$a_ops_arr
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1580 of file class.ilRbacReview.php.

1581 {
1582 $arr = array();
1583
1584 foreach ($a_ops_arr as $ops)
1585 {
1586 $arr[$ops['class']][] = array ('ops_id' => $ops['ops_id'],
1587 'name' => $ops['operation']
1588 );
1589 }
1590 return $arr;
1591 }

◆ assignedGlobalRoles()

ilRbacReview::assignedGlobalRoles (   $a_usr_id)

Get assigned global roles for an user.

Parameters
int$a_usr_idId of user account
Todo:
refactor rolf => DONE

Definition at line 531 of file class.ilRbacReview.php.

532 {
533 global $ilDB;
534
535 $query = "SELECT ua.rol_id FROM rbac_ua ua ".
536 "JOIN rbac_fa fa ON ua.rol_id = fa.rol_id ".
537 "WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer').' '.
538 "AND parent = ".$ilDB->quote(ROLE_FOLDER_ID)." ".
539 "AND assign = 'y' ";
540
541 $res = $ilDB->query($query);
542 while($row = $ilDB->fetchObject($res))
543 {
544 $role_arr[] = $row->rol_id;
545 }
546 return $role_arr ? $role_arr : array();
547 }

References $ilDB, $query, $res, and $row.

◆ assignedRoles()

ilRbacReview::assignedRoles (   $a_usr_id)

get all assigned roles to a given user @access public

Parameters
integerusr_id
Returns
array all roles (id) the user have
Todo:
refactor rolf => DONE

Definition at line 510 of file class.ilRbacReview.php.

511 {
512 global $ilDB;
513
514 $role_arr = array();
515
516 $query = "SELECT rol_id FROM rbac_ua WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer');
517
518 $res = $ilDB->query($query);
519 while($row = $ilDB->fetchObject($res))
520 {
521 $role_arr[] = $row->rol_id;
522 }
523 return $role_arr ? $role_arr : array();
524 }

References $ilDB, $query, $res, and $row.

Referenced by __setProtectedStatus(), and getRolesByFilter().

+ Here is the caller graph for this function:

◆ assignedUsers()

ilRbacReview::assignedUsers (   $a_rol_id)

get all assigned users to a given role @access public

Parameters
integerrole_id
Returns
array all users (id) assigned to role

Definition at line 421 of file class.ilRbacReview.php.

422 {
423 global $ilBench,$ilDB;
424
425 if (!isset($a_rol_id))
426 {
427 $message = get_class($this)."::assignedUsers(): No role_id given!";
428 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
429 }
430 if(isset(self::$assigned_users_cache[$a_rol_id]))
431 {
432 return self::$assigned_users_cache[$a_rol_id];
433 }
434
435 $result_arr = array();
436
437 $query = "SELECT usr_id FROM rbac_ua WHERE rol_id= ".$ilDB->quote($a_rol_id,'integer');
438 $res = $ilDB->query($query);
439 while($row = $ilDB->fetchAssoc($res))
440 {
441 array_push($result_arr, $row["usr_id"]);
442 }
443
444 self::$assigned_users_cache[$a_rol_id] = $result_arr;
445
446 return $result_arr;
447 }
$ilBench
global $ilBench
Definition: ilias.php:18

References $ilBench, $ilDB, $query, $res, and $row.

◆ clearCaches()

ilRbacReview::clearCaches ( )

Clear assigned users caches.

Definition at line 1874 of file class.ilRbacReview.php.

1875 {
1876 self::$is_assigned_cache = array();
1877 self::$assigned_users_cache = array();
1878 }

◆ getActiveOperationsOfRole()

ilRbacReview::getActiveOperationsOfRole (   $a_ref_id,
  $a_role_id 
)

Get active operations for a role.

Parameters
object$a_ref_id
object$a_role_id
Returns
Todo:
refactor rolf => DONE

Definition at line 900 of file class.ilRbacReview.php.

901 {
902 global $ilDB;
903
904 $query = 'SELECT * FROM rbac_pa '.
905 'WHERE ref_id = '.$ilDB->quote($a_ref_id,'integer').' '.
906 'AND rol_id = '.$ilDB->quote($a_role_id,'integer').' ';
907
908 $res = $ilDB->query($query);
909 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_ASSOC))
910 {
911 return unserialize($row['ops_id']);
912 }
913 return array();
914 }

References $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_ASSOC.

◆ getAllOperationsOfRole()

ilRbacReview::getAllOperationsOfRole (   $a_rol_id,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public

Parameters
integerrole_id
integerrole folder id
Returns
array array of operation_id and types
Todo:
refactor rolf => DONE

Definition at line 871 of file class.ilRbacReview.php.

872 {
873 global $ilDB;
874
875 if(!$a_parent)
876 {
877 $a_parent = ROLE_FOLDER_ID;
878 }
879
880 $query = "SELECT ops_id,type FROM rbac_templates ".
881 "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
882 "AND parent = ".$ilDB->quote($a_parent,'integer');
883 $res = $ilDB->query($query);
884
885 $ops_arr = array();
886 while ($row = $ilDB->fetchObject($res))
887 {
888 $ops_arr[$row->type][] = $row->ops_id;
889 }
890 return (array) $ops_arr;
891 }

References $ilDB, $query, $res, and $row.

◆ getAssignableChildRoles()

ilRbacReview::getAssignableChildRoles (   $a_ref_id)

Get all assignable roles directly under a specific node @access public.

Parameters
ref_id
Returns
array set ids
Todo:
refactor rolf => Find a better name; reduce sql fields

Definition at line 300 of file class.ilRbacReview.php.

301 {
302 global $ilDB;
303
304 $query = "SELECT fa.*, rd.* ".
305 "FROM object_data rd ".
306 "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id ".
307 "WHERE fa.assign = 'y' ".
308 "AND fa.parent = ".$this->ilDB->quote($a_ref_id,'integer')." "
309 ;
310
311 $res = $ilDB->query($query);
312 while($row = $ilDB->fetchAssoc($res))
313 {
314 $roles_data[] = $row;
315 }
316 return $roles_data ? $roles_data : array();
317 }

References $ilDB, $query, $res, and $row.

◆ getAssignableRoles()

ilRbacReview::getAssignableRoles (   $a_templates = false,
  $a_internal_roles = false,
  $title_filter = '' 
)

Returns a list of all assignable roles @access public.

Parameters
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 227 of file class.ilRbacReview.php.

228 {
229 global $ilDB;
230
231 $role_list = array();
232
233 $where = $this->__setTemplateFilter($a_templates);
234
235 $query = "SELECT * FROM object_data ".
236 "JOIN rbac_fa ON obj_id = rol_id ".
237 $where.
238 "AND rbac_fa.assign = 'y' ";
239
240 if(strlen($title_filter))
241 {
242 $query .= (' AND '.$ilDB->like(
243 'title',
244 'text',
245 $title_filter.'%'
246 ));
247 }
248 $res = $ilDB->query($query);
249
250 while ($row = $ilDB->fetchAssoc($res))
251 {
252 $row["desc"] = $row["description"];
253 $row["user_id"] = $row["owner"];
254 $role_list[] = $row;
255 }
256
257 $role_list = $this->__setRoleType($role_list);
258
259 return $role_list;
260 }
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:354
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause @access private
Definition: class.ilRbacReview.php:326

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by getRolesByFilter().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getAssignableRolesInSubtree()

ilRbacReview::getAssignableRolesInSubtree (   $ref_id)

Returns a list of assignable roles in a subtree of the repository @access public.

Parameters
ref_idRoot node of subtree
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 269 of file class.ilRbacReview.php.

270 {
271 global $ilDB;
272
273 $query = 'SELECT rol_id FROM rbac_fa fa '.
274 'JOIN tree t1 ON t1.child = fa.parent '.
275 'JOIN object_data obd ON fa.rol_id = obd.obj_id ' .
276 'WHERE assign = '.$ilDB->quote('y','text').' '.
277 'AND obd.type = '.$ilDB->quote('role','text').' '.
278 'AND t1.child IN ('.
279 $GLOBALS['tree']->getSubTreeQuery($ref_id,array('child')).' '.
280 ') ';
281
282
283 $res = $ilDB->query($query);
284
285 $role_list = array();
286 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
287 {
288 $role_list[] = $row->rol_id;
289 }
290 return $role_list;
291 }
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18

References $GLOBALS, $ilDB, $query, $ref_id, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

◆ getAssignedCacheEntry()

ilRbacReview::getAssignedCacheEntry (   $a_role_id,
  $a_user_id 
)

get entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id

Definition at line 1866 of file class.ilRbacReview.php.

1867 {
1868 return self::$is_assigned_cache[$a_role_id][$a_user_id];
1869 }

◆ getFoldersAssignedToRole()

ilRbacReview::getFoldersAssignedToRole (   $a_rol_id,
  $a_assignable = false 
)

Returns an array of objects assigned to a role.

A role with stopped inheritance may be assigned to more than one objects. To get only the original location of a role, set the second parameter to true

@access public

Parameters
integerrole id
booleanget only rolefolders where role is assignable (true)
Returns
array reference IDs of role folders
Todo:
refactor rolf => RENAME (rest done)

Definition at line 612 of file class.ilRbacReview.php.

613 {
614 global $ilDB;
615
616 if (!isset($a_rol_id))
617 {
618 $message = get_class($this)."::getFoldersAssignedToRole(): No role_id given!";
619 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
620 }
621
622 if ($a_assignable)
623 {
624 $where = " AND assign ='y'";
625 }
626
627 $query = "SELECT DISTINCT parent FROM rbac_fa ".
628 "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".$where." ";
629
630 $res = $ilDB->query($query);
631 while($row = $ilDB->fetchObject($res))
632 {
633 $folders[] = $row->parent;
634 }
635 return $folders ? $folders : array();
636 }

References $ilDB, $query, $res, and $row.

Referenced by isRoleDeleted().

+ Here is the caller graph for this function:

◆ getGlobalAssignableRoles()

ilRbacReview::getGlobalAssignableRoles ( )

get only 'global' roles (with flag 'assign_users') @access public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 787 of file class.ilRbacReview.php.

788 {
789 include_once './Services/AccessControl/classes/class.ilObjRole.php';
790
791 foreach($this->getGlobalRoles() as $role_id)
792 {
793 if(ilObjRole::_getAssignUsersStatus($role_id))
794 {
795 $ga[] = array('obj_id' => $role_id,
796 'role_type' => 'global');
797 }
798 }
799 return $ga ? $ga : array();
800 }
ilObjRole\_getAssignUsersStatus
static _getAssignUsersStatus($a_role_id)
Definition: class.ilObjRole.php:142
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only 'global' roles @access public
Definition: class.ilRbacReview.php:725

References ilObjRole\_getAssignUsersStatus(), and getGlobalRoles().

+ Here is the call graph for this function:

◆ getGlobalRoles()

ilRbacReview::getGlobalRoles ( )

get only 'global' roles @access public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 725 of file class.ilRbacReview.php.

726 {
727 return $this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false);
728 }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:685

References getRolesOfRoleFolder().

Referenced by getGlobalAssignableRoles(), getRolesByFilter(), and isGlobalRole().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getGlobalRolesArray()

ilRbacReview::getGlobalRolesArray ( )

get only 'global' roles @access public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 771 of file class.ilRbacReview.php.

772 {
773 foreach($this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false) as $role_id)
774 {
775 $ga[] = array('obj_id' => $role_id,
776 'role_type' => 'global');
777 }
778 return $ga ? $ga : array();
779 }

References getRolesOfRoleFolder().

+ Here is the call graph for this function:

◆ getLocalPolicies()

ilRbacReview::getLocalPolicies (   $a_ref_id)

Get all roles with local policies.

Parameters
type$a_ref_id
Returns
type

Definition at line 755 of file class.ilRbacReview.php.

756 {
757 $lroles = array();
758 foreach($this->getRolesOfRoleFolder($a_ref_id) as $role_id)
759 {
760 $lroles[] = $role_id;
761 }
762 return $lroles;
763 }

References getRolesOfRoleFolder().

+ Here is the call graph for this function:

◆ getLocalRoles()

ilRbacReview::getLocalRoles (   $a_ref_id)

Get local roles of object.

Parameters
int$a_ref_id
Todo:
refactor rolf => DONE

Definition at line 735 of file class.ilRbacReview.php.

736 {
737 global $ilDB;
738
739 $lroles = array();
740 foreach($this->getRolesOfRoleFolder($a_ref_id) as $role_id)
741 {
742 if($this->isAssignable($role_id, $a_ref_id))
743 {
744 $lroles[] = $role_id;
745 }
746 }
747 return $lroles;
748 }
ilRbacReview\isAssignable
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users @access public.
Definition: class.ilRbacReview.php:557

References $ilDB, getRolesOfRoleFolder(), and isAssignable().

+ Here is the call graph for this function:

◆ getNumberOfAssignedUsers()

ilRbacReview::getNumberOfAssignedUsers ( Array  $a_roles)

Get the number of assigned users to roles @global ilDB $ilDB.

Parameters
array$a_roles
Returns
int
Todo:
refactor rolf => DONE

Definition at line 402 of file class.ilRbacReview.php.

403 {
404 global $ilDB;
405
406 $query = 'SELECT COUNT(DISTINCT(usr_id)) as num FROM rbac_ua '.
407 'WHERE '.$ilDB->in('rol_id', $a_roles, false, 'integer').' ';
408
409 $res = $ilDB->query($query);
410 $row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
411 return $row->num ? $row->num : 0;
412 }

References $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

◆ getObjectOfRole()

ilRbacReview::getObjectOfRole (   $a_role_id)

Get object id of objects a role is assigned to.

Todo:
refactor rolf (due to performance reasons the new version does not check for deleted roles only in object reference)

@access public

Parameters
introle id

Definition at line 1602 of file class.ilRbacReview.php.

1603 {
1604 // internal cache
1605 static $obj_cache = array();
1606
1607 global $ilDB;
1608
1609
1610 if(isset($obj_cache[$a_role_id]) and $obj_cache[$a_role_id])
1611 {
1612 return $obj_cache[$a_role_id];
1613 }
1614
1615 $query = 'SELECT obr.obj_id FROM rbac_fa rfa '.
1616 'JOIN object_reference obr ON rfa.parent = obr.ref_id '.
1617 'WHERE assign = '.$ilDB->quote('y','text'). ' '.
1618 'AND rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1619 'AND deleted IS NULL';
1620
1621 #$query = "SELECT obr.obj_id FROM rbac_fa rfa ".
1622 # "JOIN tree ON rfa.parent = tree.child ".
1623 # "JOIN object_reference obr ON tree.parent = obr.ref_id ".
1624 # "WHERE tree.tree = 1 ".
1625 # "AND assign = 'y' ".
1626 # "AND rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
1627 $res = $ilDB->query($query);
1628
1629 $obj_cache[$a_role_id] = 0;
1630 while($row = $ilDB->fetchObject($res))
1631 {
1632 $obj_cache[$a_role_id] = $row->obj_id;
1633 }
1634 return $obj_cache[$a_role_id];
1635 }

References $ilDB, $query, $res, and $row.

◆ getObjectReferenceOfRole()

ilRbacReview::getObjectReferenceOfRole (   $a_role_id)

Get reference of role.

Parameters
object$a_role_id
Returns
int
Todo:
refactor rolf (no deleted check)

Definition at line 1643 of file class.ilRbacReview.php.

1644 {
1645 global $ilDB;
1646
1647 $query = 'SELECT parent p_ref FROM rbac_fa '.
1648 'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1649 'AND assign = '.$ilDB->quote('y','text');
1650
1651 $res = $ilDB->query($query);
1652 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1653 {
1654 return $row->p_ref;
1655 }
1656 return 0;
1657 }

References $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

◆ getObjectsWithStopedInheritance()

ilRbacReview::getObjectsWithStopedInheritance (   $a_rol_id,
  $a_filter = array() 
)

get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder.

@access public

Parameters
integerrole_id
arrayfilter ref_ids
Returns
array with ref_ids of objects
Todo:
refactor rolf => DONE

Definition at line 1090 of file class.ilRbacReview.php.

1091 {
1092 global $ilDB;
1093
1094 #$query = 'SELECT t.parent p FROM tree t JOIN rbac_fa fa ON fa.parent = child '.
1095 # 'WHERE assign = '.$ilDB->quote('n','text').' '.
1096 # 'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1097
1098 $query = 'SELECT parent p FROM rbac_fa '.
1099 'WHERE assign = '.$ilDB->quote('n','text').' '.
1100 'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1101
1102 if($a_filter)
1103 {
1104 $query .= ('AND '.$ilDB->in('parent',(array) $a_filter,false,'integer'));
1105 }
1106
1107 $res = $ilDB->query($query);
1108 $parent = array();
1109 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1110 {
1111 $parent[] = $row->p;
1112 }
1113 return $parent;
1114 }

References $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

◆ getOperation()

ilRbacReview::getOperation (   $ops_id)

get one operation by operation id @access public

Returns
array data of operation_id
Todo:
refactor rolf => DONE

Definition at line 846 of file class.ilRbacReview.php.

847 {
848 global $ilDB;
849
850 $query = 'SELECT * FROM rbac_operations WHERE ops_id = '.$ilDB->quote($ops_id,'integer');
851 $res = $this->ilDB->query($query);
852 while($row = $ilDB->fetchObject($res))
853 {
854 $ops = array('ops_id' => $row->ops_id,
855 'operation' => $row->operation,
856 'description' => $row->description);
857 }
858
859 return $ops ? $ops : array();
860 }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1415

References $ilDB, $query, $res, $row, and ilDB\query().

+ Here is the call graph for this function:

◆ getOperationAssignment()

ilRbacReview::getOperationAssignment ( )

get operation assignments

Returns
array array(array('typ_id' => $typ_id,'title' => $title,'ops_id => '$ops_is,'operation' => $operation),...
Todo:
refactor rolf => DONE

Definition at line 1723 of file class.ilRbacReview.php.

1724 {
1725 global $ilDB;
1726
1727 $query = 'SELECT ta.typ_id, obj.title, ops.ops_id, ops.operation FROM rbac_ta ta '.
1728 'JOIN object_data obj ON obj.obj_id = ta.typ_id '.
1729 'JOIN rbac_operations ops ON ops.ops_id = ta.ops_id ';
1730 $res = $ilDB->query($query);
1731
1732 $counter = 0;
1733 while($row = $ilDB->fetchObject($res))
1734 {
1735 $info[$counter]['typ_id'] = $row->typ_id;
1736 $info[$counter]['type'] = $row->title;
1737 $info[$counter]['ops_id'] = $row->ops_id;
1738 $info[$counter]['operation'] = $row->operation;
1739 $counter++;
1740 }
1741 return $info ? $info : array();
1742
1743 }
$counter
$counter
Definition: config-scanner.php:59
$info
$info
Definition: example_052.php:80

References $counter, $ilDB, $info, $query, $res, and $row.

◆ getOperations()

ilRbacReview::getOperations ( )

get all possible operations @access public

Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 824 of file class.ilRbacReview.php.

825 {
826 global $ilDB;
827
828 $query = 'SELECT * FROM rbac_operations ORDER BY ops_id ';
829 $res = $this->ilDB->query($query);
830 while($row = $ilDB->fetchObject($res))
831 {
832 $ops[] = array('ops_id' => $row->ops_id,
833 'operation' => $row->operation,
834 'description' => $row->description);
835 }
836
837 return $ops ? $ops : array();
838 }

References $ilDB, $query, $res, $row, and ilDB\query().

+ Here is the call graph for this function:

◆ getOperationsByTypeAndClass()

ilRbacReview::getOperationsByTypeAndClass (   $a_type,
  $a_class 
)

Get operations by type and class.

Parameters
string$a_typeType is "object" or
string$a_class
Returns
Todo:
refactor rolf => DONE

Definition at line 1049 of file class.ilRbacReview.php.

1050 {
1051 global $ilDB;
1052
1053 if($a_class != 'create')
1054 {
1055 $condition = "AND class != ".$ilDB->quote('create','text');
1056 }
1057 else
1058 {
1059 $condition = "AND class = ".$ilDB->quote('create','text');
1060 }
1061
1062 $query = "SELECT ro.ops_id FROM rbac_operations ro ".
1063 "JOIN rbac_ta rt ON ro.ops_id = rt.ops_id ".
1064 "JOIN object_data od ON rt.typ_id = od.obj_id ".
1065 "WHERE type = ".$ilDB->quote('typ','text')." ".
1066 "AND title = ".$ilDB->quote($a_type,'text')." ".
1067 $condition." ".
1068 "ORDER BY op_order ";
1069
1070 $res = $ilDB->query($query);
1071
1072 $ops = array();
1073 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1074 {
1075 $ops[] = $row->ops_id;
1076 }
1077 return $ops;
1078 }

References $a_type, $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

◆ getOperationsOfRole()

ilRbacReview::getOperationsOfRole (   $a_rol_id,
  $a_type,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles @access public

Parameters
integerrole_id
stringobject type
integerrole folder id
Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 927 of file class.ilRbacReview.php.

928 {
929 global $ilDB,$ilLog;
930
931 if (!isset($a_rol_id) or !isset($a_type))
932 {
933 $message = get_class($this)."::getOperationsOfRole(): Missing Parameter!".
934 "role_id: ".$a_rol_id.
935 "type: ".$a_type.
936 "parent_id: ".$a_parent;
937 $ilLog->logStack("Missing parameter! ");
938 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
939 }
940
941 $ops_arr = array();
942
943 // if no rolefolder id is given, assume global role folder as target
944 if ($a_parent == 0)
945 {
946 $a_parent = ROLE_FOLDER_ID;
947 }
948
949 $query = "SELECT ops_id FROM rbac_templates ".
950 "WHERE type =".$ilDB->quote($a_type,'text')." ".
951 "AND rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
952 "AND parent = ".$ilDB->quote($a_parent,'integer');
953 $res = $ilDB->query($query);
954 while ($row = $ilDB->fetchObject($res))
955 {
956 $ops_arr[] = $row->ops_id;
957 }
958
959 return $ops_arr;
960 }
$ilLog
$ilLog
Definition: inc.setup_header.php:130

References $a_type, $ilDB, $ilLog, $query, $res, and $row.

◆ getOperationsOnType()

ilRbacReview::getOperationsOnType (   $a_typ_id)

all possible operations of a type @access public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 993 of file class.ilRbacReview.php.

994 {
995 global $ilDB;
996
997 if (!isset($a_typ_id))
998 {
999 $message = get_class($this)."::getOperationsOnType(): No type_id given!";
1000 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1001 }
1002
1003 #$query = "SELECT * FROM rbac_ta WHERE typ_id = ".$ilDB->quote($a_typ_id,'integer');
1004
1005 $query = 'SELECT * FROM rbac_ta ta JOIN rbac_operations o ON ta.ops_id = o.ops_id '.
1006 'WHERE typ_id = '.$ilDB->quote($a_typ_id,'integer').' '.
1007 'ORDER BY op_order';
1008
1009 $res = $ilDB->query($query);
1010
1011 while($row = $ilDB->fetchObject($res))
1012 {
1013 $ops_id[] = $row->ops_id;
1014 }
1015
1016 return $ops_id ? $ops_id : array();
1017 }

References $ilDB, $query, $res, and $row.

Referenced by getOperationsOnTypeString().

+ Here is the caller graph for this function:

◆ getOperationsOnTypeString()

ilRbacReview::getOperationsOnTypeString (   $a_type)

all possible operations of a type @access public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 1027 of file class.ilRbacReview.php.

1028 {
1029 global $ilDB;
1030
1031 $query = "SELECT * FROM object_data WHERE type = 'typ' AND title = ".$ilDB->quote($a_type ,'text')." ";
1032
1033
1034 $res = $this->ilDB->query($query);
1035 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1036 {
1037 return $this->getOperationsOnType($row->obj_id);
1038 }
1039 return false;
1040 }
ilRbacReview\getOperationsOnType
getOperationsOnType($a_typ_id)
all possible operations of a type @access public
Definition: class.ilRbacReview.php:993

References $a_type, $ilDB, $query, $res, $row, ilDBConstants\FETCHMODE_OBJECT, getOperationsOnType(), and ilDB\query().

+ Here is the call graph for this function:

◆ getParentRoleIds()

ilRbacReview::getParentRoleIds (   $a_endnode_id,
  $a_templates = false 
)

get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates @access public

Parameters
integerref_id of an object which is end node
booleantrue for role templates (default: false)
Returns
array array(role_ids => role_data)
Todo:
refactor rolf => DONE

Definition at line 154 of file class.ilRbacReview.php.

155 {
156 global $tree;
157
158 if (!isset($a_endnode_id))
159 {
160 $GLOBALS['ilLog']->logStack();
161 $message = get_class($this)."::getParentRoleIds(): No node_id (ref_id) given!";
162 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
163 }
164
165 //var_dump($a_endnode_id);exit;
166 //$log->write("ilRBACreview::getParentRoleIds(), 0");
167 $pathIds = $tree->getPathId($a_endnode_id);
168
169 // add system folder since it may not in the path
170 //$pathIds[0] = SYSTEM_FOLDER_ID;
171 $pathIds[0] = ROLE_FOLDER_ID;
172 //$log->write("ilRBACreview::getParentRoleIds(), 1");
173 #return $this->getParentRoles($a_endnode_id,$a_templates,$a_keep_protected);
174 return $this->__getParentRoles($pathIds,$a_templates);
175 }
ilRbacReview\__getParentRoles
__getParentRoles($a_path, $a_templates)
Note: This function performs faster than the new getParentRoles function, because it uses database in...
Definition: class.ilRbacReview.php:116

References $GLOBALS, and __getParentRoles().

+ Here is the call graph for this function:

◆ getRoleFolderOfRole()

ilRbacReview::getRoleFolderOfRole (   $a_role_id)

Get role folder of role @global ilDB $ilDB.

Parameters
int$a_role_id
Returns
int
Todo:
refactor rolf => RENAME

Definition at line 1789 of file class.ilRbacReview.php.

1790 {
1791 global $ilDB;
1792
1793 if(ilObject::_lookupType($a_role_id) == 'role')
1794 {
1795 $and = ('AND assign = '.$ilDB->quote('y','text'));
1796 }
1797 else
1798 {
1799 $and = '';
1800 }
1801
1802 $query = 'SELECT * FROM rbac_fa '.
1803 'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1804 $and;
1805 $res = $ilDB->query($query);
1806 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1807 {
1808 return $row->parent;
1809 }
1810 return 0;
1811 }
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1176

References $ilDB, $query, $res, $row, ilObject\_lookupType(), and ilDBConstants\FETCHMODE_OBJECT.

+ Here is the call graph for this function:

◆ getRoleListByObject()

ilRbacReview::getRoleListByObject (   $a_ref_id,
  $a_templates = false 
)

Returns a list of roles in an container @access public.

Parameters
integerref_id of object
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 185 of file class.ilRbacReview.php.

186 {
187 global $ilDB;
188
189 if (!isset($a_ref_id) or !isset($a_templates))
190 {
191 $message = get_class($this)."::getRoleListByObject(): Missing parameter!".
192 "ref_id: ".$a_ref_id.
193 "tpl_flag: ".$a_templates;
194 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
195 }
196
197 $role_list = array();
198
199 $where = $this->__setTemplateFilter($a_templates);
200
201 $query = "SELECT * FROM object_data ".
202 "JOIN rbac_fa ON obj_id = rol_id ".
203 $where.
204 "AND object_data.obj_id = rbac_fa.rol_id ".
205 "AND rbac_fa.parent = ".$ilDB->quote($a_ref_id,'integer')." ";
206
207 $res = $ilDB->query($query);
208 while ($row = $ilDB->fetchAssoc($res))
209 {
210 $row["desc"] = $row["description"];
211 $row["user_id"] = $row["owner"];
212 $role_list[] = $row;
213 }
214
215 $role_list = $this->__setRoleType($role_list);
216
217 return $role_list;
218 }

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

Referenced by __getParentRoles().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getRoleOperationsOnObject()

ilRbacReview::getRoleOperationsOnObject (   $a_role_id,
  $a_ref_id 
)

@global ilDB $ilDB

Parameters
type$a_role_id
type$a_ref_id
Returns
type
Todo:
rafactor rolf => DONE

Definition at line 969 of file class.ilRbacReview.php.

970 {
971 global $ilDB;
972
973 $query = "SELECT * FROM rbac_pa ".
974 "WHERE rol_id = ".$ilDB->quote($a_role_id,'integer')." ".
975 "AND ref_id = ".$ilDB->quote($a_ref_id,'integer')." ";
976
977 $res = $ilDB->query($query);
978 while($row = $ilDB->fetchObject($res))
979 {
980 $ops = unserialize($row->ops_id);
981 }
982
983 return $ops ? $ops : array();
984 }

References $ilDB, $query, $res, and $row.

◆ getRolesByFilter()

ilRbacReview::getRolesByFilter (   $a_filter = 0,
  $a_user_id = 0,
  $title_filter = '' 
)

@global ilDB $ilDB

Parameters
type$a_filter
type$a_user_id
type$title_filter
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1171 of file class.ilRbacReview.php.

1172 {
1173 global $ilDB;
1174
1175 $assign = "y";
1176
1177 switch($a_filter)
1178 {
1179 // all (assignable) roles
1180 case self::FILTER_ALL:
1181 return $this->getAssignableRoles(true,true,$title_filter);
1182 break;
1183
1184 // all (assignable) global roles
1185 case self::FILTER_ALL_GLOBAL:
1186 $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->getGlobalRoles(),false,'integer').' ';
1187 break;
1188
1189 // all (assignable) local roles
1190 case self::FILTER_ALL_LOCAL:
1191 case self::FILTER_INTERNAL:
1192 case self::FILTER_NOT_INTERNAL:
1193 $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->getGlobalRoles(),true,'integer');
1194 break;
1195
1196 // all role templates
1197 case self::FILTER_TEMPLATES:
1198 $where = "WHERE object_data.type = 'rolt'";
1199 $assign = "n";
1200 break;
1201
1202 // only assigned roles, handled by ilObjUserGUI::roleassignmentObject()
1203 case 0:
1204 default:
1205 if(!$a_user_id)
1206 return array();
1207
1208 $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->assignedRoles($a_user_id),false,'integer').' ';
1209 break;
1210 }
1211
1212 $roles = array();
1213
1214 $query = "SELECT * FROM object_data ".
1215 "JOIN rbac_fa ON obj_id = rol_id ".
1216 $where.
1217 "AND rbac_fa.assign = ".$ilDB->quote($assign,'text')." ";
1218
1219 if(strlen($title_filter))
1220 {
1221 $query .= (' AND '.$ilDB->like(
1222 'title',
1223 'text',
1224 '%'.$title_filter.'%'
1225 ));
1226 }
1227
1228 $res = $ilDB->query($query);
1229 while($row = $ilDB->fetchAssoc($res))
1230 {
1231 $prefix = (substr($row["title"],0,3) == "il_") ? true : false;
1232
1233 // all (assignable) internal local roles only
1234 if ($a_filter == 4 and !$prefix)
1235 {
1236 continue;
1237 }
1238
1239 // all (assignable) non internal local roles only
1240 if ($a_filter == 5 and $prefix)
1241 {
1242 continue;
1243 }
1244
1245 $row["desc"] = $row["description"];
1246 $row["user_id"] = $row["owner"];
1247 $roles[] = $row;
1248 }
1249
1250 $roles = $this->__setRoleType($roles);
1251
1252 return $roles ? $roles : array();
1253 }
ilRbacReview\getAssignableRoles
getAssignableRoles($a_templates=false, $a_internal_roles=false, $title_filter='')
Returns a list of all assignable roles @access public.
Definition: class.ilRbacReview.php:227

References $ilDB, $query, $res, $row, __setRoleType(), assignedRoles(), FILTER_ALL, FILTER_ALL_GLOBAL, FILTER_ALL_LOCAL, FILTER_INTERNAL, FILTER_NOT_INTERNAL, FILTER_TEMPLATES, getAssignableRoles(), and getGlobalRoles().

+ Here is the call graph for this function:

◆ getRolesForIDs()

ilRbacReview::getRolesForIDs (   $role_ids,
  $use_templates 
)

@global ilDB $ilDB

Parameters
type$role_ids
type$use_templates
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1692 of file class.ilRbacReview.php.

1693 {
1694 global $ilDB;
1695
1696 $role_list = array();
1697
1698 $where = $this->__setTemplateFilter($use_templates);
1699
1700 $query = "SELECT * FROM object_data ".
1701 "JOIN rbac_fa ON object_data.obj_id = rbac_fa.rol_id ".
1702 $where.
1703 "AND rbac_fa.assign = 'y' " .
1704 'AND '.$ilDB->in('object_data.obj_id',$role_ids,false,'integer');
1705
1706 $res = $ilDB->query($query);
1707 while($row = $ilDB->fetchAssoc($res))
1708 {
1709 $row["desc"] = $row["description"];
1710 $row["user_id"] = $row["owner"];
1711 $role_list[] = $row;
1712 }
1713
1714 $role_list = $this->__setRoleType($role_list);
1715 return $role_list;
1716 }

References $ilDB, $query, $res, $row, __setRoleType(), and __setTemplateFilter().

+ Here is the call graph for this function:

◆ getRolesOfObject()

ilRbacReview::getRolesOfObject (   $a_ref_id,
  $a_assignable_only = FALSE 
)

Get roles of object.

Parameters
type$a_ref_id
type$a_assignable
Exceptions
InvalidArgumentException
Todo:
refactor rolf => DONE

Definition at line 645 of file class.ilRbacReview.php.

646 {
647 global $ilDB;
648
649 if(!isset($a_ref_id))
650 {
651 $GLOBALS['ilLog']->logStack();
652 throw new InvalidArgumentException(__METHOD__.': No ref_id given!');
653 }
654 if($a_assignable_only === TRUE)
655 {
656 $and = 'AND assign = '.$ilDB->quote('y','text');
657 }
658 $query = "SELECT rol_id FROM rbac_fa ".
659 "WHERE parent = ".$ilDB->quote($a_ref_id,'integer')." ".
660 $and;
661
662 $res = $ilDB->query($query);
663
664 $role_ids = array();
665 while($row = $ilDB->fetchObject($res))
666 {
667 $role_ids[] = $row->rol_id;
668 }
669 return $role_ids;
670 }

References $GLOBALS, $ilDB, $query, $res, and $row.

◆ getRolesOfRoleFolder()

ilRbacReview::getRolesOfRoleFolder (   $a_ref_id,
  $a_nonassignable = true 
)

get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids @access public

Parameters
integerref_id of object
booleanif false only get true local roles
Returns
array Array with rol_ids
Deprecated:
since version 4.5.0
Todo:
refactor rolf => RENAME

Definition at line 685 of file class.ilRbacReview.php.

686 {
687 global $ilBench,$ilDB,$ilLog;
688
689 $ilBench->start("RBAC", "review_getRolesOfRoleFolder");
690
691 if (!isset($a_ref_id))
692 {
693 $message = get_class($this)."::getRolesOfRoleFolder(): No ref_id given!";
694 ilLoggerFactory::getLogger('ac')->logStack();
695 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
696
697 }
698
699 if ($a_nonassignable === false)
700 {
701 $and = " AND assign='y'";
702 }
703
704 $query = "SELECT rol_id FROM rbac_fa ".
705 "WHERE parent = ".$ilDB->quote($a_ref_id,'integer')." ".
706 $and;
707
708 $res = $ilDB->query($query);
709 while($row = $ilDB->fetchObject($res))
710 {
711 $rol_id[] = $row->rol_id;
712 }
713
714 $ilBench->stop("RBAC", "review_getRolesOfRoleFolder");
715
716 return $rol_id ? $rol_id : array();
717 }

References $ilBench, $ilDB, $ilLog, $query, $res, $row, and ilLoggerFactory\getLogger().

Referenced by getGlobalRoles(), getGlobalRolesArray(), getLocalPolicies(), and getLocalRoles().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getTypeId()

ilRbacReview::getTypeId (   $a_type)

Get type id of object @global ilDB $ilDB.

Parameters
type$a_type
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1262 of file class.ilRbacReview.php.

1263 {
1264 global $ilDB;
1265
1266 $q = "SELECT obj_id FROM object_data ".
1267 "WHERE title=".$ilDB->quote($a_type ,'text')." AND type='typ'";
1268 $r = $ilDB->query($q);
1269
1270 $row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
1271 return $row->obj_id;
1272 }

References $a_type, $ilDB, $r, $row, and ilDBConstants\FETCHMODE_OBJECT.

◆ getUserPermissionsOnObject()

ilRbacReview::getUserPermissionsOnObject (   $a_user_id,
  $a_ref_id 
)

Get all user permissions on an object.

Parameters
int$a_user_iduser id
int$a_ref_idref id
Todo:
refactor rolf => DONE

Definition at line 1820 of file class.ilRbacReview.php.

1821 {
1822 global $ilDB;
1823
1824 $query = "SELECT ops_id FROM rbac_pa JOIN rbac_ua ".
1825 "ON (rbac_pa.rol_id = rbac_ua.rol_id) ".
1826 "WHERE rbac_ua.usr_id = ".$ilDB->quote($a_user_id,'integer')." ".
1827 "AND rbac_pa.ref_id = ".$ilDB->quote($a_ref_id,'integer')." ";
1828
1829 $res = $ilDB->query($query);
1830 $all_ops = array();
1831 while ($row = $ilDB->fetchObject($res))
1832 {
1833 $ops = unserialize($row->ops_id);
1834 $all_ops = array_merge($all_ops, $ops);
1835 }
1836 $all_ops = array_unique($all_ops);
1837
1838 $set = $ilDB->query("SELECT operation FROM rbac_operations ".
1839 " WHERE ".$ilDB->in("ops_id", $all_ops, false, "integer"));
1840 $perms = array();
1841 while ($rec = $ilDB->fetchAssoc($set))
1842 {
1843 $perms[] = $rec["operation"];
1844 }
1845
1846 return $perms;
1847 }

References $ilDB, $query, $res, and $row.

◆ hasMultipleAssignments()

ilRbacReview::hasMultipleAssignments (   $a_role_id)

Temporary bugfix.

Todo:
refactor rolf => DONE

Definition at line 591 of file class.ilRbacReview.php.

592 {
593 global $ilDB;
594
595 $query = "SELECT * FROM rbac_fa WHERE rol_id = ".$ilDB->quote($a_role_id,'integer').' '.
596 "AND assign = ".$ilDB->quote('y','text');
597 $res = $ilDB->query($query);
598 return $res->numRows() > 1;
599 }

References $ilDB, $query, and $res.

◆ isAssignable()

ilRbacReview::isAssignable (   $a_rol_id,
  $a_ref_id 
)

Check if its possible to assign users @access public.

Parameters
integerobject id of role
integerref_id of object in question
Returns
boolean
Todo:
refactor rolf (expects object reference id instead of rolf) => DONE

Definition at line 557 of file class.ilRbacReview.php.

558 {
559 global $ilBench,$ilDB;
560
561 $ilBench->start("RBAC", "review_isAssignable");
562
563 // exclude system role from rbac
564 if ($a_rol_id == SYSTEM_ROLE_ID)
565 {
566 $ilBench->stop("RBAC", "review_isAssignable");
567 return true;
568 }
569
570 if (!isset($a_rol_id) or !isset($a_ref_id))
571 {
572 $message = get_class($this)."::isAssignable(): Missing parameter!".
573 " role_id: ".$a_rol_id." ,ref_id: ".$a_ref_id;
574 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
575 }
576 $query = "SELECT * FROM rbac_fa ".
577 "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
578 "AND parent = ".$ilDB->quote($a_ref_id,'integer')." ";
579 $res = $ilDB->query($query);
580 $row = $ilDB->fetchObject($res);
581
582 $ilBench->stop("RBAC", "review_isAssignable");
583 return $row->assign == 'y' ? true : false;
584 }

References $ilBench, $ilDB, $query, $res, and $row.

Referenced by getLocalRoles(), and isDeleteable().

+ Here is the caller graph for this function:

◆ isAssigned()

ilRbacReview::isAssigned (   $a_usr_id,
  $a_role_id 
)

check if a specific user is assigned to specific role @access public

Parameters
integerusr_id
integerrole_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 458 of file class.ilRbacReview.php.

459 {
460 if(isset(self::$is_assigned_cache[$a_role_id][$a_usr_id])) {
461 return self::$is_assigned_cache[$a_role_id][$a_usr_id];
462 }
463 // Quickly determine if user is assigned to a role
464 global $ilDB;
465
466 $ilDB->setLimit(1,0);
467 $query = "SELECT usr_id FROM rbac_ua WHERE ".
468 "rol_id= ".$ilDB->quote($a_role_id,'integer')." ".
469 "AND usr_id= ".$ilDB->quote($a_usr_id);
470 $res = $ilDB->query($query);
471
472 $is_assigned = $res->numRows() == 1;
473 self::$is_assigned_cache[$a_role_id][$a_usr_id] = $is_assigned;
474
475 return $is_assigned;
476 }

References $ilDB, $query, and $res.

◆ isAssignedToAtLeastOneGivenRole()

ilRbacReview::isAssignedToAtLeastOneGivenRole (   $a_usr_id,
  $a_role_ids 
)

check if a specific user is assigned to at least one of the given role ids.

This function is used to quickly check whether a user is member of a course or a group.

@access public

Parameters
integerusr_id
array[integer]role_ids
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 490 of file class.ilRbacReview.php.

491 {
492 global $ilDB;
493
494 $ilDB->setLimit(1,0);
495 $query = "SELECT usr_id FROM rbac_ua WHERE ".
496 $ilDB->in('rol_id',$a_role_ids,false,'integer').
497 " AND usr_id= ".$ilDB->quote($a_usr_id);
498 $res = $ilDB->query($query);
499
500 return $ilDB->numRows($res) == 1;
501 }

References $ilDB, $query, and $res.

◆ isBlockedAtPosition()

ilRbacReview::isBlockedAtPosition (   $a_role_id,
  $a_ref_id 
)

Check if role is blocked at position @global ilDB $ilDB.

Parameters
type$a_role_id
type$a_ref_id
Returns
boolean

Definition at line 1408 of file class.ilRbacReview.php.

1409 {
1410 global $ilDB;
1411
1412 $query = 'SELECT blocked from rbac_fa '.
1413 'WHERE rol_id = '. $ilDB->quote($a_role_id,'integer').' '.
1414 'AND parent = '.$ilDB->quote($a_ref_id,'integer');
1415 $res = $ilDB->query($query);
1416 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1417 {
1418 return (bool) $row->blocked;
1419 }
1420 return FALSE;
1421 }

References $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

Referenced by isBlockedInUpperContext().

+ Here is the caller graph for this function:

◆ isBlockedInUpperContext()

ilRbacReview::isBlockedInUpperContext (   $a_role_id,
  $a_ref_id 
)

Check if role is blocked in upper context.

Parameters
type$a_role_id
type$a_ref_id

Definition at line 1428 of file class.ilRbacReview.php.

1429 {
1430 global $ilDB, $tree;
1431
1432 if($this->isBlockedAtPosition($a_role_id, $a_ref_id))
1433 {
1434 return FALSE;
1435 }
1436 $query = 'SELECT parent from rbac_fa '.
1437 'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1438 'AND blocked = '.$ilDB->quote(1,'integer');
1439 $res = $ilDB->query($query);
1440
1441 $parent_ids = array();
1442 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1443 {
1444 $parent_ids[] = $row->parent;
1445 }
1446
1447 foreach($parent_ids as $parent_id)
1448 {
1449 if($tree->isGrandChild($parent_id, $a_ref_id))
1450 {
1451 return TRUE;
1452 }
1453 }
1454 return FALSE;
1455 }
ilRbacReview\isBlockedAtPosition
isBlockedAtPosition($a_role_id, $a_ref_id)
Check if role is blocked at position @global ilDB $ilDB.
Definition: class.ilRbacReview.php:1408

References $ilDB, $query, $res, $row, ilDBConstants\FETCHMODE_OBJECT, and isBlockedAtPosition().

+ Here is the call graph for this function:

◆ isDeleteable()

ilRbacReview::isDeleteable (   $a_role_id,
  $a_rolf_id 
)

Check if role is deleteable at a specific position.

Parameters
object$a_role_id
introlf_id
Returns
Todo:
refactor rolf => DONE

Definition at line 1752 of file class.ilRbacReview.php.

1753 {
1754 if(!$this->isAssignable($a_role_id, $a_rolf_id))
1755 {
1756 return false;
1757 }
1758 if($a_role_id == SYSTEM_ROLE_ID or $a_role_id == ANONYMOUS_ROLE_ID)
1759 {
1760 return false;
1761 }
1762 if(substr(ilObject::_lookupTitle($a_role_id),0,3) == 'il_')
1763 {
1764 return false;
1765 }
1766 return true;
1767 }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:924

References ilObject\_lookupTitle(), and isAssignable().

+ Here is the call graph for this function:

◆ isDeleted()

ilRbacReview::isDeleted (   $a_node_id)

Checks if a rolefolder is set as deleted (negative tree_id) @access public.

Parameters
integerref_id of rolefolder
Returns
boolean true if rolefolder is set as deleted
Todo:
refactor rolf => DELETE method

Definition at line 1123 of file class.ilRbacReview.php.

1124 {
1125 global $ilDB;
1126
1127 $q = "SELECT tree FROM tree WHERE child =".$ilDB->quote($a_node_id)." ";
1128 $r = $this->ilDB->query($q);
1129
1130 $row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
1131
1132 if (!$row)
1133 {
1134 $message = sprintf('%s::isDeleted(): Role folder with ref_id %s not found!',
1135 get_class($this),
1136 $a_node_id);
1137 $this->log->write($message,$this->log->FATAL);
1138
1139 return true;
1140 }
1141
1142 // rolefolder is deleted
1143 if ($row->tree < 0)
1144 {
1145 return true;
1146 }
1147
1148 return false;
1149 }

References $ilDB, $r, $row, ilDBConstants\FETCHMODE_OBJECT, ilDB\query(), and sprintf.

Referenced by isRoleDeleted().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isGlobalRole()

ilRbacReview::isGlobalRole (   $a_role_id)

Check if role is a global role.

Parameters
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1157 of file class.ilRbacReview.php.

1158 {
1159 return in_array($a_role_id,$this->getGlobalRoles());
1160 }

References getGlobalRoles().

+ Here is the call graph for this function:

◆ isProtected()

ilRbacReview::isProtected (   $a_ref_id,
  $a_role_id 
)
Todo:
refactor rolf => search calls @global ilDB $ilDB
Parameters
type$a_ref_id
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1388 of file class.ilRbacReview.php.

1389 {
1390 global $ilDB;
1391
1392 // ref_id not used yet. protected permission acts 'global' for each role,
1393 $query = "SELECT protected FROM rbac_fa ".
1394 "WHERE rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
1395 $res = $ilDB->query($query);
1396 $row = $ilDB->fetchAssoc($res);
1397
1398 return ilUtil::yn2tf($row['protected']);
1399 }
ilUtil\yn2tf
static yn2tf($a_yn)
convert "y"/"n" to true/false
Definition: class.ilUtil.php:3228

References $ilDB, $query, $res, $row, and ilUtil\yn2tf().

+ Here is the call graph for this function:

◆ isRoleAssignedToObject()

ilRbacReview::isRoleAssignedToObject (   $a_role_id,
  $a_parent_id 
)

Check if role is assigned to an object.

Todo:
refactor rolf => DONE (renamed)

Definition at line 807 of file class.ilRbacReview.php.

808 {
809 global $rbacreview, $ilDB;
810
811 $query = 'SELECT * FROM rbac_fa '.
812 'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
813 'AND parent = '.$ilDB->quote($a_parent_id,'integer');
814 $res = $ilDB->query($query);
815 return $res->numRows() ? true : false;
816 }

References $ilDB, $query, and $res.

◆ isRoleDeleted()

ilRbacReview::isRoleDeleted (   $a_role_id)

return if role is only attached to deleted role folders

Parameters
int$a_role_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1666 of file class.ilRbacReview.php.

1667 {
1668 $rolf_list = $this->getFoldersAssignedToRole($a_role_id, false);
1669 $deleted = true;
1670 if (count($rolf_list))
1671 {
1672 foreach ($rolf_list as $rolf) {
1673 // only list roles that are not set to status "deleted"
1674 if (!$this->isDeleted($rolf))
1675 {
1676 $deleted = false;
1677 break;
1678 }
1679 }
1680 }
1681 return $deleted;
1682 }
ilRbacReview\isDeleted
isDeleted($a_node_id)
Checks if a rolefolder is set as deleted (negative tree_id) @access public.
Definition: class.ilRbacReview.php:1123
ilRbacReview\getFoldersAssignedToRole
getFoldersAssignedToRole($a_rol_id, $a_assignable=false)
Returns an array of objects assigned to a role.
Definition: class.ilRbacReview.php:612

References getFoldersAssignedToRole(), and isDeleted().

+ Here is the call graph for this function:

◆ isSystemGeneratedRole()

ilRbacReview::isSystemGeneratedRole (   $a_role_id)

Check if the role is system generate role or role template.

Parameters
int$a_role_id
Returns
bool
Todo:
refactor rolf => DONE

Definition at line 1775 of file class.ilRbacReview.php.

1776 {
1777 $title = ilObject::_lookupTitle($a_role_id);
1778 return substr($title,0,3) == 'il_' ? true : false;
1779 }

References $title, and ilObject\_lookupTitle().

+ Here is the call graph for this function:

◆ lookupCreateOperationIds()

static ilRbacReview::lookupCreateOperationIds (   $a_type_arr)
static

Lookup operation ids.

Parameters
array$a_type_arre.g array('cat','crs','grp'). The operation name (e.g. 'create_cat') is generated automatically
Returns
array int Array with operation ids
Todo:
refactor rolf => DONE

Definition at line 1347 of file class.ilRbacReview.php.

1348 {
1349 global $ilDB;
1350
1351 $operations = array();
1352 foreach($a_type_arr as $type)
1353 {
1354 $operations[] = ('create_'.$type);
1355 }
1356
1357 if(!count($operations))
1358 {
1359 return array();
1360 }
1361
1362 $query = 'SELECT ops_id, operation FROM rbac_operations '.
1363 'WHERE '.$ilDB->in('operation',$operations,false,'text');
1364
1365 $res = $ilDB->query($query);
1366
1367 $ops_ids = array();
1368 while($row = $ilDB->fetchObject($res))
1369 {
1370 $type_arr = explode('_', $row->operation);
1371 $type = $type_arr[1];
1372
1373 $ops_ids[$type] = $row->ops_id;
1374 }
1375 return $ops_ids;
1376 }

References $ilDB, $query, $res, and $row.

Referenced by ilObjectXMLWriter\__appendOperations(), ilObjectRolePermissionTableGUI\parse(), ilObjectRoleTemplatePermissionTableGUI\parse(), ilPermissionGUI\savePermissions(), and ilObjStudyProgrammeTest\testCreatePermissionExists().

+ Here is the caller graph for this function:

◆ roleExists()

ilRbacReview::roleExists (   $a_title,
  $a_id = 0 
)

Checks if a role already exists.

Role title should be unique @access public

Parameters
stringrole title
integerobj_id of role to exclude in the check. Commonly this is the current role you want to edit
Returns
boolean true if exists
Todo:
refactor rolf => DONE

Definition at line 78 of file class.ilRbacReview.php.

79 {
80 global $ilDB;
81
82 if (empty($a_title))
83 {
84 $message = get_class($this)."::roleExists(): No title given!";
85 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
86 }
87
88 $clause = ($a_id) ? " AND obj_id != ".$ilDB->quote($a_id)." " : "";
89
90 $q = "SELECT DISTINCT(obj_id) obj_id FROM object_data ".
91 "WHERE title =".$ilDB->quote($a_title)." ".
92 "AND type IN('role','rolt')".
93 $clause." ";
94 $r = $this->ilDB->query($q);
95
96 while($row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
97 {
98 return $row->obj_id;
99 }
100 return false;
101 }

References $ilDB, $r, $row, ilDBConstants\FETCHMODE_OBJECT, and ilDB\query().

+ Here is the call graph for this function:

◆ setAssignedCacheEntry()

ilRbacReview::setAssignedCacheEntry (   $a_role_id,
  $a_user_id,
  $a_value 
)

set entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id
bool$a_value

Definition at line 1855 of file class.ilRbacReview.php.

1856 {
1857 self::$is_assigned_cache[$a_role_id][$a_user_id] = $a_value;
1858 }

Field Documentation

◆ $_opsCache

ilRbacReview::$_opsCache = null
staticprivate

Definition at line 29 of file class.ilRbacReview.php.

◆ $assigned_users_cache

ilRbacReview::$assigned_users_cache = array()
staticprotected

Definition at line 34 of file class.ilRbacReview.php.

◆ $is_assigned_cache

ilRbacReview::$is_assigned_cache = array()
staticprotected

Definition at line 39 of file class.ilRbacReview.php.

◆ $log

ilRbacReview::$log
protected

Definition at line 44 of file class.ilRbacReview.php.

Referenced by __setProtectedStatus().

◆ FILTER_ALL

const ilRbacReview::FILTER_ALL = 1

Definition at line 21 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_ALL_GLOBAL

const ilRbacReview::FILTER_ALL_GLOBAL = 2

Definition at line 22 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

◆ FILTER_ALL_LOCAL

const ilRbacReview::FILTER_ALL_LOCAL = 3

Definition at line 23 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

◆ FILTER_INTERNAL

const ilRbacReview::FILTER_INTERNAL = 4

Definition at line 24 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_NOT_INTERNAL

const ilRbacReview::FILTER_NOT_INTERNAL = 5

Definition at line 25 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

◆ FILTER_TEMPLATES

const ilRbacReview::FILTER_TEMPLATES = 6

Definition at line 26 of file class.ilRbacReview.php.

Referenced by getRolesByFilter(), and ilRoleTableGUI\initFilter().

The documentation for this class was generated from the following file: