ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes | Static Protected Attributes | Static Private Attributes
ilRbacReview Class Reference
Services/AccessControl

class ilRbacReview Contains Review functions of core Rbac. More...

+ Collaboration diagram for ilRbacReview:

Public Member Functions

 __construct ()
 Constructor public. More...
 
 roleExists ($a_title, $a_id=0)
 Checks if a role already exists. More...
 
 getParentRoleIds ($a_endnode_id, $a_templates=false)
 get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates public More...
 
 getRoleListByObject ($a_ref_id, $a_templates=false)
 Returns a list of roles in an container public. More...
 
 getAssignableRoles ($a_templates=false, $a_internal_roles=false, $title_filter='')
 Returns a list of all assignable roles public. More...
 
 getAssignableRolesInSubtree ($ref_id)
 Returns a list of assignable roles in a subtree of the repository public. More...
 
 getAssignableChildRoles ($a_ref_id)
 Get all assignable roles directly under a specific node public. More...
 
 getNumberOfAssignedUsers (Array $a_roles)
 Get the number of assigned users to roles ilDB $ilDB. More...
 
 assignedUsers ($a_rol_id)
 get all assigned users to a given role public More...
 
 isAssigned ($a_usr_id, $a_role_id)
 check if a specific user is assigned to specific role public More...
 
 isAssignedToAtLeastOneGivenRole ($a_usr_id, $a_role_ids)
 check if a specific user is assigned to at least one of the given role ids. More...
 
 assignedRoles ($a_usr_id)
 get all assigned roles to a given user public More...
 
 assignedGlobalRoles ($a_usr_id)
 Get assigned global roles for an user. More...
 
 isAssignable ($a_rol_id, $a_ref_id)
 Check if its possible to assign users public. More...
 
 hasMultipleAssignments ($a_role_id)
 Temporary bugfix. More...
 
 getFoldersAssignedToRole ($a_rol_id, $a_assignable=false)
 Returns an array of objects assigned to a role. More...
 
 getRolesOfObject ($a_ref_id, $a_assignable_only=FALSE)
 Get roles of object. More...
 
 getRolesOfRoleFolder ($a_ref_id, $a_nonassignable=true)
 get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids public More...
 
 getGlobalRoles ()
 get only 'global' roles public More...
 
 getLocalRoles ($a_ref_id)
 Get local roles of object. More...
 
 getLocalPolicies ($a_ref_id)
 Get all roles with local policies. More...
 
 getGlobalRolesArray ()
 get only 'global' roles public More...
 
 getGlobalAssignableRoles ()
 get only 'global' roles (with flag 'assign_users') public More...
 
 isRoleAssignedToObject ($a_role_id, $a_parent_id)
 Check if role is assigned to an object. More...
 
 getOperations ()
 get all possible operations public More...
 
 getOperation ($ops_id)
 get one operation by operation id public More...
 
 getAllOperationsOfRole ($a_rol_id, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public More...
 
 getActiveOperationsOfRole ($a_ref_id, $a_role_id)
 Get active operations for a role. More...
 
 getOperationsOfRole ($a_rol_id, $a_type, $a_parent=0)
 get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public More...
 
 getRoleOperationsOnObject ($a_role_id, $a_ref_id)
 ilDB $ilDB More...
 
 getOperationsOnType ($a_typ_id)
 all possible operations of a type public More...
 
 getOperationsOnTypeString ($a_type)
 all possible operations of a type public More...
 
 getOperationsByTypeAndClass ($a_type, $a_class)
 Get operations by type and class. More...
 
 getObjectsWithStopedInheritance ($a_rol_id, $a_filter=array())
 get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder. More...
 
 isDeleted ($a_node_id)
 Checks if a rolefolder is set as deleted (negative tree_id) public. More...
 
 isGlobalRole ($a_role_id)
 Check if role is a global role. More...
 
 getRolesByFilter ($a_filter=0, $a_user_id=0, $title_filter='')
 ilDB $ilDB More...
 
 getTypeId ($a_type)
 Get type id of object ilDB $ilDB. More...
 
 isProtected ($a_ref_id, $a_role_id)
 
 isBlockedAtPosition ($a_role_id, $a_ref_id)
 Check if role is blocked at position ilDB $ilDB. More...
 
 isBlockedInUpperContext ($a_role_id, $a_ref_id)
 Check if role is blocked in upper context. More...
 
 getObjectOfRole ($a_role_id)
 Get object id of objects a role is assigned to. More...
 
 getObjectReferenceOfRole ($a_role_id)
 Get reference of role. More...
 
 isRoleDeleted ($a_role_id)
 return if role is only attached to deleted role folders More...
 
 getRolesForIDs ($role_ids, $use_templates)
 ilDB $ilDB More...
 
 getOperationAssignment ()
 get operation assignments More...
 
 isDeleteable ($a_role_id, $a_rolf_id)
 Check if role is deleteable at a specific position. More...
 
 isSystemGeneratedRole ($a_role_id)
 Check if the role is system generate role or role template. More...
 
 getRoleFolderOfRole ($a_role_id)
 Get role folder of role ilDB $ilDB. More...
 
 getUserPermissionsOnObject ($a_user_id, $a_ref_id)
 Get all user permissions on an object. More...
 
 setAssignedCacheEntry ($a_role_id, $a_user_id, $a_value)
 set entry of assigned_chache More...
 
 getAssignedCacheEntry ($a_role_id, $a_user_id)
 get entry of assigned_chache More...
 
 clearCaches ()
 Clear assigned users caches. More...
 

Static Public Member Functions

static _getOperationIdsByName ($operations)
 get ops_id's by name. More...
 
static _getOperationIdByName ($a_operation)
 get operation id by name of operation public static More...
 
static lookupCreateOperationIds ($a_type_arr)
 Lookup operation ids. More...
 
static _getOperationList ($a_type=null)
 get operation list by object type public static More...
 
static _groupOperationsByClass ($a_ops_arr)
 

Data Fields

const FILTER_ALL = 1
 
const FILTER_ALL_GLOBAL = 2
 
const FILTER_ALL_LOCAL = 3
 
const FILTER_INTERNAL = 4
 
const FILTER_NOT_INTERNAL = 5
 
const FILTER_TEMPLATES = 6
 

Protected Member Functions

 __getParentRoles ($a_path, $a_templates)
 Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan. More...
 
 __setTemplateFilter ($a_templates)
 get roles and templates or only roles; returns string for where clause private More...
 
 __setRoleType ($a_role_list)
 computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates More...
 
 __setProtectedStatus ($a_parent_roles, $a_role_hierarchy, $a_ref_id)
 Set protected status type $rbacsystem type $ilUser type $log. More...
 

Protected Attributes

 $log
 

Static Protected Attributes

static $assigned_users_cache = array()
 
static $is_assigned_cache = array()
 

Static Private Attributes

static $_opsCache = null
 

Detailed Description

class ilRbacReview Contains Review functions of core Rbac.

This class offers the possibility to view the contents of the user <-> role (UR) relation and the permission <-> role (PR) relation. For example, from the UA relation the administrator should have the facility to view all user assigned to a given role.

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Sascha Hofmann sasch.nosp@m.ahof.nosp@m.mann@.nosp@m.gmx..nosp@m.de
Version
$Id$

Definition at line 19 of file class.ilRbacReview.php.

Constructor & Destructor Documentation

◆ __construct()

ilRbacReview::__construct ( )

Constructor public.

Definition at line 50 of file class.ilRbacReview.php.

References $ilDB, $ilErr, array, ilLoggerFactory\getLogger(), and PEAR_ERROR_CALLBACK.

51  {
52  global $ilDB,$ilErr,$ilias;
53 
54  $this->log = ilLoggerFactory::getLogger('ac');
55 
56  // set db & error handler
57  (isset($ilDB)) ? $this->ilDB =& $ilDB : $this->ilDB =& $ilias->db;
58 
59  if (!isset($ilErr))
60  {
61  $ilErr = new ilErrorHandling();
62  $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK,array($ilErr,'errorHandler'));
63  }
64  else
65  {
66  $this->ilErr =& $ilErr;
67  }
68  }
$ilErr
global $ilErr
Definition: raiseError.php:16
PEAR_ERROR_CALLBACK
const PEAR_ERROR_CALLBACK
Definition: PEAR.php:35
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilDB
Database Wrapper.
Definition: class.ilDB.php:29
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:82
if
PHPExcel root directory.
Definition: Database.php:30
+ Here is the call graph for this function:

Member Function Documentation

◆ __getParentRoles()

ilRbacReview::__getParentRoles (   $a_path,
  $a_templates 
)
protected

Note: This function performs faster than the new getParentRoles function, because it uses database indexes whereas getParentRoles needs a full table space scan.

Get parent roles in a path. If last parameter is set 'true' it delivers also all templates in the path protected

Parameters
arrayarray with path_ids
booleantrue for role templates (default: false)
Returns
array array with all parent roles (obj_ids)
Todo:
refactor rolf => DONE

Definition at line 116 of file class.ilRbacReview.php.

References $ref_id, __setProtectedStatus(), array, and getRoleListByObject().

Referenced by getParentRoleIds().

117  {
118  if (!isset($a_path) or !is_array($a_path))
119  {
120  $message = get_class($this)."::getParentRoles(): No path given or wrong datatype!";
121  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
122  }
123 
124  $parent_roles = array();
125  $role_hierarchy = array();
126 
127  foreach($a_path as $ref_id)
128  {
129  $roles = $this->getRoleListByObject($ref_id,$a_templates);
130  foreach($roles as $role)
131  {
132  $id = $role["obj_id"];
133  $role["parent"] = $ref_id;
134  $parent_roles[$id] = $role;
135 
136  if (!array_key_exists($role['obj_id'],$role_hierarchy))
137  {
138  $role_hierarchy[$id] = $ref_id;
139  }
140  }
141  }
142  return $this->__setProtectedStatus($parent_roles,$role_hierarchy,reset($a_path));
143  }
ilRbacReview\getRoleListByObject
getRoleListByObject($a_ref_id, $a_templates=false)
Returns a list of roles in an container public.
Definition: class.ilRbacReview.php:185
ilRbacReview\__setProtectedStatus
__setProtectedStatus($a_parent_roles, $a_role_hierarchy, $a_ref_id)
Set protected status type $rbacsystem type $ilUser type $log.
Definition: class.ilRbacReview.php:1471
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ref_id
$ref_id
Definition: sahs_server.php:39
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setProtectedStatus()

ilRbacReview::__setProtectedStatus (   $a_parent_roles,
  $a_role_hierarchy,
  $a_ref_id 
)
protected

Set protected status type $rbacsystem type $ilUser type $log.

Parameters
type$a_parent_roles
type$a_role_hierarchy
type$a_ref_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1471 of file class.ilRbacReview.php.

References $ilUser, $log, and assignedRoles().

Referenced by __getParentRoles().

1472  {
1473  //vd('refId',$a_ref_id,'parent roles',$a_parent_roles,'role-hierarchy',$a_role_hierarchy);
1474 
1475  global $rbacsystem,$ilUser,$log;
1476 
1477  if (in_array(SYSTEM_ROLE_ID,$this->assignedRoles($ilUser->getId())))
1478  {
1479  $leveladmin = true;
1480  }
1481  else
1482  {
1483  $leveladmin = false;
1484  }
1485  #vd("RoleHierarchy",$a_role_hierarchy);
1486  foreach ($a_role_hierarchy as $role_id => $rolf_id)
1487  {
1488  //$log->write("ilRBACreview::__setProtectedStatus(), 0");
1489  #echo "<br/>ROLF: ".$rolf_id." ROLE_ID: ".$role_id." (".$a_parent_roles[$role_id]['title'].") ";
1490  //var_dump($leveladmin,$a_parent_roles[$role_id]['protected']);
1491 
1492  if ($leveladmin == true)
1493  {
1494  $a_parent_roles[$role_id]['protected'] = false;
1495  continue;
1496  }
1497 
1498  if ($a_parent_roles[$role_id]['protected'] == true)
1499  {
1500  $arr_lvl_roles_user = array_intersect($this->assignedRoles($ilUser->getId()),array_keys($a_role_hierarchy,$rolf_id));
1501 
1502  #vd("intersection",$arr_lvl_roles_user);
1503 
1504  foreach ($arr_lvl_roles_user as $lvl_role_id)
1505  {
1506  #echo "<br/>level_role: ".$lvl_role_id;
1507  #echo "<br/>a_ref_id: ".$a_ref_id;
1508 
1509  //$log->write("ilRBACreview::__setProtectedStatus(), 1");
1510  // check if role grants 'edit_permission' to parent
1511  $rolf = $a_parent_roles[$role_id]['parent'];
1512  #$parent_obj = $GLOBALS['tree']->getParentId($rolf);
1513  if ($rbacsystem->checkPermission($rolf,$lvl_role_id,'edit_permission'))
1514  {
1515  #echo "<br />Permission granted";
1516  //$log->write("ilRBACreview::__setProtectedStatus(), 2");
1517  // user may change permissions of that higher-ranked role
1518  $a_parent_roles[$role_id]['protected'] = false;
1519 
1520  // remember successful check
1521  //$leveladmin = true;
1522  }
1523  }
1524  }
1525  }
1526  return $a_parent_roles;
1527  }
$ilUser
$ilUser
Definition: imgupload.php:18
ilRbacReview\assignedRoles
assignedRoles($a_usr_id)
get all assigned roles to a given user public
Definition: class.ilRbacReview.php:510
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ __setRoleType()

ilRbacReview::__setRoleType (   $a_role_list)
protected

computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates

private

Parameters
arrayrole list
Returns
array role list with additional entry for role_type
Todo:
refactor rolf => DONE

Definition at line 354 of file class.ilRbacReview.php.

Referenced by getAssignableRoles(), getRoleListByObject(), getRolesByFilter(), and getRolesForIDs().

355  {
356  foreach ($a_role_list as $key => $val)
357  {
358  // determine role type
359  if ($val["type"] == "rolt")
360  {
361  $a_role_list[$key]["role_type"] = "template";
362  }
363  else
364  {
365  if ($val["assign"] == "y")
366  {
367  if ($val["parent"] == ROLE_FOLDER_ID)
368  {
369  $a_role_list[$key]["role_type"] = "global";
370  }
371  else
372  {
373  $a_role_list[$key]["role_type"] = "local";
374  }
375  }
376  else
377  {
378  $a_role_list[$key]["role_type"] = "linked";
379  }
380  }
381 
382  if ($val["protected"] == "y")
383  {
384  $a_role_list[$key]["protected"] = true;
385  }
386  else
387  {
388  $a_role_list[$key]["protected"] = false;
389  }
390  }
391 
392  return $a_role_list;
393  }
+ Here is the caller graph for this function:

◆ __setTemplateFilter()

ilRbacReview::__setTemplateFilter (   $a_templates)
protected

get roles and templates or only roles; returns string for where clause private

Parameters
booleantrue: with templates
Returns
string where clause
Todo:
refactor rolf => DONE

Definition at line 326 of file class.ilRbacReview.php.

References $ilDB, and array.

Referenced by getAssignableRoles(), getRoleListByObject(), and getRolesForIDs().

327  {
328  global $ilDB;
329 
330  if ($a_templates === true)
331  {
332  $where = "WHERE ".$ilDB->in('object_data.type',array('role','rolt'),false,'text')." ";
333  }
334  else
335  {
336  $where = "WHERE ".$ilDB->in('object_data.type',array('role'),false,'text')." ";
337  }
338 
339  return $where;
340  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _getOperationIdByName()

static ilRbacReview::_getOperationIdByName (   $a_operation)
static

get operation id by name of operation public static

Parameters
stringoperation name
Returns
integer operation id
Todo:
refactor rolf => DONE

Definition at line 1312 of file class.ilRbacReview.php.

References $ilDB, $ilErr, $r, $row, array, and ilDBConstants\FETCHMODE_OBJECT.

Referenced by ilRepositoryObjectPlugin\beforeActivation(), ilRbacSystem\checkAccessOfUser(), and ilObjBlog\getRolesWithContributeOrRedact().

1313  {
1314  global $ilDB,$ilErr;
1315 
1316  if (!isset($a_operation))
1317  {
1318  $message = "perm::getOperationId(): No operation given!";
1319  $ilErr->raiseError($message,$ilErr->WARNING);
1320  }
1321 
1322  // Cache operation ids
1323  if (! is_array(self::$_opsCache)) {
1324  self::$_opsCache = array();
1325 
1326  $q = "SELECT ops_id, operation FROM rbac_operations";
1327  $r = $ilDB->query($q);
1328  while ($row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1329  {
1330  self::$_opsCache[$row->operation] = $row->ops_id;
1331  }
1332  }
1333 
1334  // Get operation ID by name from cache
1335  if (array_key_exists($a_operation, self::$_opsCache)) {
1336  return self::$_opsCache[$a_operation];
1337  }
1338  return null;
1339  }
$ilErr
global $ilErr
Definition: raiseError.php:16
$r
$r
Definition: example_031.php:79
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _getOperationIdsByName()

static ilRbacReview::_getOperationIdsByName (   $operations)
static

get ops_id's by name.

Example usage: $rbacadmin->grantPermission($roles,ilRbacReview::_getOperationIdsByName(array('visible','read'),$ref_id));

public

Parameters
arraystring name of operation. see rbac_operations
Returns
array integer ops_id's
Todo:
refactor rolf => DONE

Definition at line 1284 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and array.

Referenced by ilUtil\_getObjectsByOperations(), ilLicense\getPotentialAccesses(), and ilECSObjectSettings\handlePermissionUpdate().

1285  {
1286  global $ilDB;
1287 
1288  if(!count($operations))
1289  {
1290  return array();
1291  }
1292 
1293  $query = 'SELECT ops_id FROM rbac_operations '.
1294  'WHERE '.$ilDB->in('operation',$operations,false,'text');
1295 
1296  $res = $ilDB->query($query);
1297  while($row = $ilDB->fetchObject($res))
1298  {
1299  $ops_ids[] = $row->ops_id;
1300  }
1301  return $ops_ids ? $ops_ids : array();
1302  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _getOperationList()

static ilRbacReview::_getOperationList (   $a_type = null)
static

get operation list by object type public static

Parameters
stringobject type you want to have the operation list
stringorder column
stringorder direction (possible values: ASC or DESC)
Returns
array returns array of operations
Todo:
refactor rolf => DONE

Definition at line 1539 of file class.ilRbacReview.php.

References $a_type, $ilDB, $query, $res, $row, and array.

Referenced by ilSettingsPermissionGUI\__construct(), ilObjTypeDefinitionGUI\editObject(), ilObjectPermissionStatusGUI\getAccessPermissionTableData(), ilObjectPermissionStatusGUI\getAssignedValidRoles(), ilObjRoleTemplateGUI\permObject(), and ilObjTypeDefinitionGUI\viewObject().

1540  {
1541  global $ilDB;
1542 
1543  $arr = array();
1544 
1545  if ($a_type)
1546  {
1547  $query = sprintf('SELECT * FROM rbac_operations '.
1548  'JOIN rbac_ta ON rbac_operations.ops_id = rbac_ta.ops_id '.
1549  'JOIN object_data ON rbac_ta.typ_id = object_data.obj_id '.
1550  'WHERE object_data.title = %s '.
1551  'AND object_data.type = %s '.
1552  'ORDER BY op_order ASC',
1553  $ilDB->quote($a_type,'text'),
1554  $ilDB->quote('typ','text'));
1555  }
1556  else
1557  {
1558  $query = 'SELECT * FROM rbac_operations ORDER BY op_order ASC';
1559  }
1560  $res = $ilDB->query($query);
1561  while ($row = $ilDB->fetchAssoc($res))
1562  {
1563  $arr[] = array(
1564  "ops_id" => $row['ops_id'],
1565  "operation" => $row['operation'],
1566  "desc" => $row['description'],
1567  "class" => $row['class'],
1568  "order" => $row['op_order']
1569  );
1570  }
1571  return $arr;
1572  }
$a_type
$a_type
Definition: workflow.php:93
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ _groupOperationsByClass()

static ilRbacReview::_groupOperationsByClass (   $a_ops_arr)
static
Parameters
type$a_ops_arr
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1580 of file class.ilRbacReview.php.

References array.

1581  {
1582  $arr = array();
1583 
1584  foreach ($a_ops_arr as $ops)
1585  {
1586  $arr[$ops['class']][] = array ('ops_id' => $ops['ops_id'],
1587  'name' => $ops['operation']
1588  );
1589  }
1590  return $arr;
1591  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19

◆ assignedGlobalRoles()

ilRbacReview::assignedGlobalRoles (   $a_usr_id)

Get assigned global roles for an user.

Parameters
int$a_usr_idId of user account
Todo:
refactor rolf => DONE

Definition at line 531 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and array.

532  {
533  global $ilDB;
534 
535  $query = "SELECT ua.rol_id FROM rbac_ua ua ".
536  "JOIN rbac_fa fa ON ua.rol_id = fa.rol_id ".
537  "WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer').' '.
538  "AND parent = ".$ilDB->quote(ROLE_FOLDER_ID)." ".
539  "AND assign = 'y' ";
540 
541  $res = $ilDB->query($query);
542  while($row = $ilDB->fetchObject($res))
543  {
544  $role_arr[] = $row->rol_id;
545  }
546  return $role_arr ? $role_arr : array();
547  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ assignedRoles()

ilRbacReview::assignedRoles (   $a_usr_id)

get all assigned roles to a given user public

Parameters
integerusr_id
Returns
array all roles (id) the user have
Todo:
refactor rolf => DONE

Definition at line 510 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and array.

Referenced by __setProtectedStatus(), and getRolesByFilter().

511  {
512  global $ilDB;
513 
514  $role_arr = array();
515 
516  $query = "SELECT rol_id FROM rbac_ua WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer');
517 
518  $res = $ilDB->query($query);
519  while($row = $ilDB->fetchObject($res))
520  {
521  $role_arr[] = $row->rol_id;
522  }
523  return $role_arr ? $role_arr : array();
524  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ assignedUsers()

ilRbacReview::assignedUsers (   $a_rol_id)

get all assigned users to a given role public

Parameters
integerrole_id
Returns
array all users (id) assigned to role

Definition at line 421 of file class.ilRbacReview.php.

References $ilBench, $ilDB, $query, $res, $row, and array.

422  {
423  global $ilBench,$ilDB;
424 
425  if (!isset($a_rol_id))
426  {
427  $message = get_class($this)."::assignedUsers(): No role_id given!";
428  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
429  }
430  if(isset(self::$assigned_users_cache[$a_rol_id]))
431  {
432  return self::$assigned_users_cache[$a_rol_id];
433  }
434 
435  $result_arr = array();
436 
437  $query = "SELECT usr_id FROM rbac_ua WHERE rol_id= ".$ilDB->quote($a_rol_id,'integer');
438  $res = $ilDB->query($query);
439  while($row = $ilDB->fetchAssoc($res))
440  {
441  array_push($result_arr, $row["usr_id"]);
442  }
443 
444  self::$assigned_users_cache[$a_rol_id] = $result_arr;
445 
446  return $result_arr;
447  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilBench
global $ilBench
Definition: ilias.php:18
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ clearCaches()

ilRbacReview::clearCaches ( )

Clear assigned users caches.

Definition at line 1874 of file class.ilRbacReview.php.

References array.

1875  {
1876  self::$is_assigned_cache = array();
1877  self::$assigned_users_cache = array();
1878  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19

◆ getActiveOperationsOfRole()

ilRbacReview::getActiveOperationsOfRole (   $a_ref_id,
  $a_role_id 
)

Get active operations for a role.

Parameters
object$a_ref_id
object$a_role_id
Returns
Todo:
refactor rolf => DONE

Definition at line 900 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, array, and ilDBConstants\FETCHMODE_ASSOC.

901  {
902  global $ilDB;
903 
904  $query = 'SELECT * FROM rbac_pa '.
905  'WHERE ref_id = '.$ilDB->quote($a_ref_id,'integer').' '.
906  'AND rol_id = '.$ilDB->quote($a_role_id,'integer').' ';
907 
908  $res = $ilDB->query($query);
909  while($row = $res->fetchRow(ilDBConstants::FETCHMODE_ASSOC))
910  {
911  return unserialize($row['ops_id']);
912  }
913  return array();
914  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAllOperationsOfRole()

ilRbacReview::getAllOperationsOfRole (   $a_rol_id,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public

Parameters
integerrole_id
integerrole folder id
Returns
array array of operation_id and types
Todo:
refactor rolf => DONE

Definition at line 871 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and array.

872  {
873  global $ilDB;
874 
875  if(!$a_parent)
876  {
877  $a_parent = ROLE_FOLDER_ID;
878  }
879 
880  $query = "SELECT ops_id,type FROM rbac_templates ".
881  "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
882  "AND parent = ".$ilDB->quote($a_parent,'integer');
883  $res = $ilDB->query($query);
884 
885  $ops_arr = array();
886  while ($row = $ilDB->fetchObject($res))
887  {
888  $ops_arr[$row->type][] = $row->ops_id;
889  }
890  return (array) $ops_arr;
891  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAssignableChildRoles()

ilRbacReview::getAssignableChildRoles (   $a_ref_id)

Get all assignable roles directly under a specific node public.

Parameters
ref_id
Returns
array set ids
Todo:
refactor rolf => Find a better name; reduce sql fields

Definition at line 300 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and array.

301  {
302  global $ilDB;
303 
304  $query = "SELECT fa.*, rd.* ".
305  "FROM object_data rd ".
306  "JOIN rbac_fa fa ON rd.obj_id = fa.rol_id ".
307  "WHERE fa.assign = 'y' ".
308  "AND fa.parent = ".$this->ilDB->quote($a_ref_id,'integer')." "
309  ;
310 
311  $res = $ilDB->query($query);
312  while($row = $ilDB->fetchAssoc($res))
313  {
314  $roles_data[] = $row;
315  }
316  return $roles_data ? $roles_data : array();
317  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAssignableRoles()

ilRbacReview::getAssignableRoles (   $a_templates = false,
  $a_internal_roles = false,
  $title_filter = '' 
)

Returns a list of all assignable roles public.

Parameters
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 227 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, __setRoleType(), __setTemplateFilter(), and array.

Referenced by getRolesByFilter().

228  {
229  global $ilDB;
230 
231  $role_list = array();
232 
233  $where = $this->__setTemplateFilter($a_templates);
234 
235  $query = "SELECT * FROM object_data ".
236  "JOIN rbac_fa ON obj_id = rol_id ".
237  $where.
238  "AND rbac_fa.assign = 'y' ";
239 
240  if(strlen($title_filter))
241  {
242  $query .= (' AND '.$ilDB->like(
243  'title',
244  'text',
245  $title_filter.'%'
246  ));
247  }
248  $res = $ilDB->query($query);
249 
250  while ($row = $ilDB->fetchAssoc($res))
251  {
252  $row["desc"] = $row["description"];
253  $row["user_id"] = $row["owner"];
254  $role_list[] = $row;
255  }
256 
257  $role_list = $this->__setRoleType($role_list);
258 
259  return $role_list;
260  }
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause private
Definition: class.ilRbacReview.php:326
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:354
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getAssignableRolesInSubtree()

ilRbacReview::getAssignableRolesInSubtree (   $ref_id)

Returns a list of assignable roles in a subtree of the repository public.

Parameters
ref_idRoot node of subtree
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 269 of file class.ilRbacReview.php.

References $GLOBALS, $ilDB, $query, $ref_id, $res, $row, array, and ilDBConstants\FETCHMODE_OBJECT.

270  {
271  global $ilDB;
272 
273  $query = 'SELECT rol_id FROM rbac_fa fa '.
274  'JOIN tree t1 ON t1.child = fa.parent '.
275  'JOIN object_data obd ON fa.rol_id = obd.obj_id ' .
276  'WHERE assign = '.$ilDB->quote('y','text').' '.
277  'AND obd.type = '.$ilDB->quote('role','text').' '.
278  'AND t1.child IN ('.
279  $GLOBALS['tree']->getSubTreeQuery($ref_id,array('child')).' '.
280  ') ';
281 
282 
283  $res = $ilDB->query($query);
284 
285  $role_list = array();
286  while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
287  {
288  $role_list[] = $row->rol_id;
289  }
290  return $role_list;
291  }
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ref_id
$ref_id
Definition: sahs_server.php:39
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getAssignedCacheEntry()

ilRbacReview::getAssignedCacheEntry (   $a_role_id,
  $a_user_id 
)

get entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id

Definition at line 1866 of file class.ilRbacReview.php.

1867  {
1868  return self::$is_assigned_cache[$a_role_id][$a_user_id];
1869  }

◆ getFoldersAssignedToRole()

ilRbacReview::getFoldersAssignedToRole (   $a_rol_id,
  $a_assignable = false 
)

Returns an array of objects assigned to a role.

A role with stopped inheritance may be assigned to more than one objects. To get only the original location of a role, set the second parameter to true

public

Parameters
integerrole id
booleanget only rolefolders where role is assignable (true)
Returns
array reference IDs of role folders
Todo:
refactor rolf => RENAME (rest done)

Definition at line 612 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and array.

Referenced by isRoleDeleted().

613  {
614  global $ilDB;
615 
616  if (!isset($a_rol_id))
617  {
618  $message = get_class($this)."::getFoldersAssignedToRole(): No role_id given!";
619  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
620  }
621 
622  if ($a_assignable)
623  {
624  $where = " AND assign ='y'";
625  }
626 
627  $query = "SELECT DISTINCT parent FROM rbac_fa ".
628  "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".$where." ";
629 
630  $res = $ilDB->query($query);
631  while($row = $ilDB->fetchObject($res))
632  {
633  $folders[] = $row->parent;
634  }
635  return $folders ? $folders : array();
636  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ getGlobalAssignableRoles()

ilRbacReview::getGlobalAssignableRoles ( )

get only 'global' roles (with flag 'assign_users') public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 787 of file class.ilRbacReview.php.

References ilObjRole\_getAssignUsersStatus(), array, and getGlobalRoles().

788  {
789  include_once './Services/AccessControl/classes/class.ilObjRole.php';
790 
791  foreach($this->getGlobalRoles() as $role_id)
792  {
793  if(ilObjRole::_getAssignUsersStatus($role_id))
794  {
795  $ga[] = array('obj_id' => $role_id,
796  'role_type' => 'global');
797  }
798  }
799  return $ga ? $ga : array();
800  }
ilObjRole\_getAssignUsersStatus
static _getAssignUsersStatus($a_role_id)
Definition: class.ilObjRole.php:142
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only &#39;global&#39; roles public
Definition: class.ilRbacReview.php:725
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
+ Here is the call graph for this function:

◆ getGlobalRoles()

ilRbacReview::getGlobalRoles ( )

get only 'global' roles public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 725 of file class.ilRbacReview.php.

References getRolesOfRoleFolder().

Referenced by getGlobalAssignableRoles(), getRolesByFilter(), and isGlobalRole().

726  {
727  return $this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false);
728  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:685
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getGlobalRolesArray()

ilRbacReview::getGlobalRolesArray ( )

get only 'global' roles public

Returns
array Array with rol_ids
Todo:
refactor rolf => DONE

Definition at line 771 of file class.ilRbacReview.php.

References array, and getRolesOfRoleFolder().

772  {
773  foreach($this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false) as $role_id)
774  {
775  $ga[] = array('obj_id' => $role_id,
776  'role_type' => 'global');
777  }
778  return $ga ? $ga : array();
779  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:685
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
+ Here is the call graph for this function:

◆ getLocalPolicies()

ilRbacReview::getLocalPolicies (   $a_ref_id)

Get all roles with local policies.

Parameters
type$a_ref_id
Returns
type

Definition at line 755 of file class.ilRbacReview.php.

References array, and getRolesOfRoleFolder().

756  {
757  $lroles = array();
758  foreach($this->getRolesOfRoleFolder($a_ref_id) as $role_id)
759  {
760  $lroles[] = $role_id;
761  }
762  return $lroles;
763  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:685
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
+ Here is the call graph for this function:

◆ getLocalRoles()

ilRbacReview::getLocalRoles (   $a_ref_id)

Get local roles of object.

Parameters
int$a_ref_id
Todo:
refactor rolf => DONE

Definition at line 735 of file class.ilRbacReview.php.

References $ilDB, array, getRolesOfRoleFolder(), and isAssignable().

736  {
737  global $ilDB;
738 
739  $lroles = array();
740  foreach($this->getRolesOfRoleFolder($a_ref_id) as $role_id)
741  {
742  if($this->isAssignable($role_id, $a_ref_id))
743  {
744  $lroles[] = $role_id;
745  }
746  }
747  return $lroles;
748  }
ilRbacReview\getRolesOfRoleFolder
getRolesOfRoleFolder($a_ref_id, $a_nonassignable=true)
get all roles of a role folder including linked local roles that are created due to stopped inheritan...
Definition: class.ilRbacReview.php:685
ilRbacReview\isAssignable
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users public.
Definition: class.ilRbacReview.php:557
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getNumberOfAssignedUsers()

ilRbacReview::getNumberOfAssignedUsers ( Array  $a_roles)

Get the number of assigned users to roles ilDB $ilDB.

Parameters
array$a_roles
Returns
int
Todo:
refactor rolf => DONE

Definition at line 402 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

403  {
404  global $ilDB;
405 
406  $query = 'SELECT COUNT(DISTINCT(usr_id)) as num FROM rbac_ua '.
407  'WHERE '.$ilDB->in('rol_id', $a_roles, false, 'integer').' ';
408 
409  $res = $ilDB->query($query);
410  $row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
411  return $row->num ? $row->num : 0;
412  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getObjectOfRole()

ilRbacReview::getObjectOfRole (   $a_role_id)

Get object id of objects a role is assigned to.

Todo:
refactor rolf (due to performance reasons the new version does not check for deleted roles only in object reference)

public

Parameters
introle id

Definition at line 1602 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and array.

1603  {
1604  // internal cache
1605  static $obj_cache = array();
1606 
1607  global $ilDB;
1608 
1609 
1610  if(isset($obj_cache[$a_role_id]) and $obj_cache[$a_role_id])
1611  {
1612  return $obj_cache[$a_role_id];
1613  }
1614 
1615  $query = 'SELECT obr.obj_id FROM rbac_fa rfa '.
1616  'JOIN object_reference obr ON rfa.parent = obr.ref_id '.
1617  'WHERE assign = '.$ilDB->quote('y','text'). ' '.
1618  'AND rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1619  'AND deleted IS NULL';
1620 
1621  #$query = "SELECT obr.obj_id FROM rbac_fa rfa ".
1622  # "JOIN tree ON rfa.parent = tree.child ".
1623  # "JOIN object_reference obr ON tree.parent = obr.ref_id ".
1624  # "WHERE tree.tree = 1 ".
1625  # "AND assign = 'y' ".
1626  # "AND rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
1627  $res = $ilDB->query($query);
1628 
1629  $obj_cache[$a_role_id] = 0;
1630  while($row = $ilDB->fetchObject($res))
1631  {
1632  $obj_cache[$a_role_id] = $row->obj_id;
1633  }
1634  return $obj_cache[$a_role_id];
1635  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getObjectReferenceOfRole()

ilRbacReview::getObjectReferenceOfRole (   $a_role_id)

Get reference of role.

Parameters
object$a_role_id
Returns
int
Todo:
refactor rolf (no deleted check)

Definition at line 1643 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

1644  {
1645  global $ilDB;
1646 
1647  $query = 'SELECT parent p_ref FROM rbac_fa '.
1648  'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1649  'AND assign = '.$ilDB->quote('y','text');
1650 
1651  $res = $ilDB->query($query);
1652  while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1653  {
1654  return $row->p_ref;
1655  }
1656  return 0;
1657  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getObjectsWithStopedInheritance()

ilRbacReview::getObjectsWithStopedInheritance (   $a_rol_id,
  $a_filter = array() 
)

get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder.

public

Parameters
integerrole_id
arrayfilter ref_ids
Returns
array with ref_ids of objects
Todo:
refactor rolf => DONE

Definition at line 1090 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, array, and ilDBConstants\FETCHMODE_OBJECT.

1091  {
1092  global $ilDB;
1093 
1094  #$query = 'SELECT t.parent p FROM tree t JOIN rbac_fa fa ON fa.parent = child '.
1095  # 'WHERE assign = '.$ilDB->quote('n','text').' '.
1096  # 'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1097 
1098  $query = 'SELECT parent p FROM rbac_fa '.
1099  'WHERE assign = '.$ilDB->quote('n','text').' '.
1100  'AND rol_id = '.$ilDB->quote($a_rol_id,'integer').' ';
1101 
1102  if($a_filter)
1103  {
1104  $query .= ('AND '.$ilDB->in('parent',(array) $a_filter,false,'integer'));
1105  }
1106 
1107  $res = $ilDB->query($query);
1108  $parent = array();
1109  while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1110  {
1111  $parent[] = $row->p;
1112  }
1113  return $parent;
1114  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperation()

ilRbacReview::getOperation (   $ops_id)

get one operation by operation id public

Returns
array data of operation_id
Todo:
refactor rolf => DONE

Definition at line 846 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, array, and ilDB\query().

847  {
848  global $ilDB;
849 
850  $query = 'SELECT * FROM rbac_operations WHERE ops_id = '.$ilDB->quote($ops_id,'integer');
851  $res = $this->ilDB->query($query);
852  while($row = $ilDB->fetchObject($res))
853  {
854  $ops = array('ops_id' => $row->ops_id,
855  'operation' => $row->operation,
856  'description' => $row->description);
857  }
858 
859  return $ops ? $ops : array();
860  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1415
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilDB
Database Wrapper.
Definition: class.ilDB.php:29
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getOperationAssignment()

ilRbacReview::getOperationAssignment ( )

get operation assignments

Returns
array array(array('typ_id' => $typ_id,'title' => $title,'ops_id => '$ops_is,'operation' => $operation),...
Todo:
refactor rolf => DONE

Definition at line 1723 of file class.ilRbacReview.php.

References $counter, $ilDB, $info, $query, $res, $row, and array.

1724  {
1725  global $ilDB;
1726 
1727  $query = 'SELECT ta.typ_id, obj.title, ops.ops_id, ops.operation FROM rbac_ta ta '.
1728  'JOIN object_data obj ON obj.obj_id = ta.typ_id '.
1729  'JOIN rbac_operations ops ON ops.ops_id = ta.ops_id ';
1730  $res = $ilDB->query($query);
1731 
1732  $counter = 0;
1733  while($row = $ilDB->fetchObject($res))
1734  {
1735  $info[$counter]['typ_id'] = $row->typ_id;
1736  $info[$counter]['type'] = $row->title;
1737  $info[$counter]['ops_id'] = $row->ops_id;
1738  $info[$counter]['operation'] = $row->operation;
1739  $counter++;
1740  }
1741  return $info ? $info : array();
1742 
1743  }
$counter
$counter
Definition: config-scanner.php:59
$info
$info
Definition: example_052.php:80
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperations()

ilRbacReview::getOperations ( )

get all possible operations public

Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 824 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, array, and ilDB\query().

825  {
826  global $ilDB;
827 
828  $query = 'SELECT * FROM rbac_operations ORDER BY ops_id ';
829  $res = $this->ilDB->query($query);
830  while($row = $ilDB->fetchObject($res))
831  {
832  $ops[] = array('ops_id' => $row->ops_id,
833  'operation' => $row->operation,
834  'description' => $row->description);
835  }
836 
837  return $ops ? $ops : array();
838  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1415
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilDB
Database Wrapper.
Definition: class.ilDB.php:29
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getOperationsByTypeAndClass()

ilRbacReview::getOperationsByTypeAndClass (   $a_type,
  $a_class 
)

Get operations by type and class.

Parameters
string$a_typeType is "object" or
string$a_class
Returns
Todo:
refactor rolf => DONE

Definition at line 1049 of file class.ilRbacReview.php.

References $a_type, $ilDB, $query, $res, $row, array, and ilDBConstants\FETCHMODE_OBJECT.

1050  {
1051  global $ilDB;
1052 
1053  if($a_class != 'create')
1054  {
1055  $condition = "AND class != ".$ilDB->quote('create','text');
1056  }
1057  else
1058  {
1059  $condition = "AND class = ".$ilDB->quote('create','text');
1060  }
1061 
1062  $query = "SELECT ro.ops_id FROM rbac_operations ro ".
1063  "JOIN rbac_ta rt ON ro.ops_id = rt.ops_id ".
1064  "JOIN object_data od ON rt.typ_id = od.obj_id ".
1065  "WHERE type = ".$ilDB->quote('typ','text')." ".
1066  "AND title = ".$ilDB->quote($a_type,'text')." ".
1067  $condition." ".
1068  "ORDER BY op_order ";
1069 
1070  $res = $ilDB->query($query);
1071 
1072  $ops = array();
1073  while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1074  {
1075  $ops[] = $row->ops_id;
1076  }
1077  return $ops;
1078  }
$a_type
$a_type
Definition: workflow.php:93
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperationsOfRole()

ilRbacReview::getOperationsOfRole (   $a_rol_id,
  $a_type,
  $a_parent = 0 
)

get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public

Parameters
integerrole_id
stringobject type
integerrole folder id
Returns
array array of operation_id
Todo:
refactor rolf => DONE

Definition at line 927 of file class.ilRbacReview.php.

References $a_type, $ilDB, $ilLog, $query, $res, $row, and array.

928  {
929  global $ilDB,$ilLog;
930 
931  if (!isset($a_rol_id) or !isset($a_type))
932  {
933  $message = get_class($this)."::getOperationsOfRole(): Missing Parameter!".
934  "role_id: ".$a_rol_id.
935  "type: ".$a_type.
936  "parent_id: ".$a_parent;
937  $ilLog->logStack("Missing parameter! ");
938  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
939  }
940 
941  $ops_arr = array();
942 
943  // if no rolefolder id is given, assume global role folder as target
944  if ($a_parent == 0)
945  {
946  $a_parent = ROLE_FOLDER_ID;
947  }
948 
949  $query = "SELECT ops_id FROM rbac_templates ".
950  "WHERE type =".$ilDB->quote($a_type,'text')." ".
951  "AND rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
952  "AND parent = ".$ilDB->quote($a_parent,'integer');
953  $res = $ilDB->query($query);
954  while ($row = $ilDB->fetchObject($res))
955  {
956  $ops_arr[] = $row->ops_id;
957  }
958 
959  return $ops_arr;
960  }
$a_type
$a_type
Definition: workflow.php:93
$ilLog
$ilLog
Definition: inc.setup_header.php:130
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getOperationsOnType()

ilRbacReview::getOperationsOnType (   $a_typ_id)

all possible operations of a type public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 993 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and array.

Referenced by getOperationsOnTypeString().

994  {
995  global $ilDB;
996 
997  if (!isset($a_typ_id))
998  {
999  $message = get_class($this)."::getOperationsOnType(): No type_id given!";
1000  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1001  }
1002 
1003  #$query = "SELECT * FROM rbac_ta WHERE typ_id = ".$ilDB->quote($a_typ_id,'integer');
1004 
1005  $query = 'SELECT * FROM rbac_ta ta JOIN rbac_operations o ON ta.ops_id = o.ops_id '.
1006  'WHERE typ_id = '.$ilDB->quote($a_typ_id,'integer').' '.
1007  'ORDER BY op_order';
1008 
1009  $res = $ilDB->query($query);
1010 
1011  while($row = $ilDB->fetchObject($res))
1012  {
1013  $ops_id[] = $row->ops_id;
1014  }
1015 
1016  return $ops_id ? $ops_id : array();
1017  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ getOperationsOnTypeString()

ilRbacReview::getOperationsOnTypeString (   $a_type)

all possible operations of a type public

Parameters
integerobject_ID of type
Returns
array valid operation_IDs
Todo:
rafactor rolf => DONE

Definition at line 1027 of file class.ilRbacReview.php.

References $a_type, $ilDB, $query, $res, $row, ilDBConstants\FETCHMODE_OBJECT, getOperationsOnType(), and ilDB\query().

1028  {
1029  global $ilDB;
1030 
1031  $query = "SELECT * FROM object_data WHERE type = 'typ' AND title = ".$ilDB->quote($a_type ,'text')." ";
1032 
1033 
1034  $res = $this->ilDB->query($query);
1035  while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1036  {
1037  return $this->getOperationsOnType($row->obj_id);
1038  }
1039  return false;
1040  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1415
$a_type
$a_type
Definition: workflow.php:93
ilDB
Database Wrapper.
Definition: class.ilDB.php:29
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\getOperationsOnType
getOperationsOnType($a_typ_id)
all possible operations of a type public
Definition: class.ilRbacReview.php:993
+ Here is the call graph for this function:

◆ getParentRoleIds()

ilRbacReview::getParentRoleIds (   $a_endnode_id,
  $a_templates = false 
)

get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates public

Parameters
integerref_id of an object which is end node
booleantrue for role templates (default: false)
Returns
array array(role_ids => role_data)
Todo:
refactor rolf => DONE

Definition at line 154 of file class.ilRbacReview.php.

References $GLOBALS, and __getParentRoles().

155  {
156  global $tree;
157 
158  if (!isset($a_endnode_id))
159  {
160  $GLOBALS['ilLog']->logStack();
161  $message = get_class($this)."::getParentRoleIds(): No node_id (ref_id) given!";
162  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
163  }
164 
165  //var_dump($a_endnode_id);exit;
166  //$log->write("ilRBACreview::getParentRoleIds(), 0");
167  $pathIds = $tree->getPathId($a_endnode_id);
168 
169  // add system folder since it may not in the path
170  //$pathIds[0] = SYSTEM_FOLDER_ID;
171  $pathIds[0] = ROLE_FOLDER_ID;
172  //$log->write("ilRBACreview::getParentRoleIds(), 1");
173  #return $this->getParentRoles($a_endnode_id,$a_templates,$a_keep_protected);
174  return $this->__getParentRoles($pathIds,$a_templates);
175  }
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
ilRbacReview\__getParentRoles
__getParentRoles($a_path, $a_templates)
Note: This function performs faster than the new getParentRoles function, because it uses database in...
Definition: class.ilRbacReview.php:116
+ Here is the call graph for this function:

◆ getRoleFolderOfRole()

ilRbacReview::getRoleFolderOfRole (   $a_role_id)

Get role folder of role ilDB $ilDB.

Parameters
int$a_role_id
Returns
int
Todo:
refactor rolf => RENAME

Definition at line 1789 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, ilObject\_lookupType(), and ilDBConstants\FETCHMODE_OBJECT.

1790  {
1791  global $ilDB;
1792 
1793  if(ilObject::_lookupType($a_role_id) == 'role')
1794  {
1795  $and = ('AND assign = '.$ilDB->quote('y','text'));
1796  }
1797  else
1798  {
1799  $and = '';
1800  }
1801 
1802  $query = 'SELECT * FROM rbac_fa '.
1803  'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1804  $and;
1805  $res = $ilDB->query($query);
1806  while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1807  {
1808  return $row->parent;
1809  }
1810  return 0;
1811  }
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1176
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ getRoleListByObject()

ilRbacReview::getRoleListByObject (   $a_ref_id,
  $a_templates = false 
)

Returns a list of roles in an container public.

Parameters
integerref_id of object
booleanif true fetch template roles too
Returns
array set ids
Todo:
refactor rolf => DONE

Definition at line 185 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, __setRoleType(), __setTemplateFilter(), and array.

Referenced by __getParentRoles().

186  {
187  global $ilDB;
188 
189  if (!isset($a_ref_id) or !isset($a_templates))
190  {
191  $message = get_class($this)."::getRoleListByObject(): Missing parameter!".
192  "ref_id: ".$a_ref_id.
193  "tpl_flag: ".$a_templates;
194  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
195  }
196 
197  $role_list = array();
198 
199  $where = $this->__setTemplateFilter($a_templates);
200 
201  $query = "SELECT * FROM object_data ".
202  "JOIN rbac_fa ON obj_id = rol_id ".
203  $where.
204  "AND object_data.obj_id = rbac_fa.rol_id ".
205  "AND rbac_fa.parent = ".$ilDB->quote($a_ref_id,'integer')." ";
206 
207  $res = $ilDB->query($query);
208  while ($row = $ilDB->fetchAssoc($res))
209  {
210  $row["desc"] = $row["description"];
211  $row["user_id"] = $row["owner"];
212  $role_list[] = $row;
213  }
214 
215  $role_list = $this->__setRoleType($role_list);
216 
217  return $role_list;
218  }
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause private
Definition: class.ilRbacReview.php:326
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:354
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getRoleOperationsOnObject()

ilRbacReview::getRoleOperationsOnObject (   $a_role_id,
  $a_ref_id 
)

ilDB $ilDB

Parameters
type$a_role_id
type$a_ref_id
Returns
type
Todo:
rafactor rolf => DONE

Definition at line 969 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and array.

970  {
971  global $ilDB;
972 
973  $query = "SELECT * FROM rbac_pa ".
974  "WHERE rol_id = ".$ilDB->quote($a_role_id,'integer')." ".
975  "AND ref_id = ".$ilDB->quote($a_ref_id,'integer')." ";
976 
977  $res = $ilDB->query($query);
978  while($row = $ilDB->fetchObject($res))
979  {
980  $ops = unserialize($row->ops_id);
981  }
982 
983  return $ops ? $ops : array();
984  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getRolesByFilter()

ilRbacReview::getRolesByFilter (   $a_filter = 0,
  $a_user_id = 0,
  $title_filter = '' 
)

ilDB $ilDB

Parameters
type$a_filter
type$a_user_id
type$title_filter
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1171 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, __setRoleType(), array, assignedRoles(), getAssignableRoles(), and getGlobalRoles().

1172  {
1173  global $ilDB;
1174 
1175  $assign = "y";
1176 
1177  switch($a_filter)
1178  {
1179  // all (assignable) roles
1180  case self::FILTER_ALL:
1181  return $this->getAssignableRoles(true,true,$title_filter);
1182  break;
1183 
1184  // all (assignable) global roles
1185  case self::FILTER_ALL_GLOBAL:
1186  $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->getGlobalRoles(),false,'integer').' ';
1187  break;
1188 
1189  // all (assignable) local roles
1190  case self::FILTER_ALL_LOCAL:
1191  case self::FILTER_INTERNAL:
1192  case self::FILTER_NOT_INTERNAL:
1193  $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->getGlobalRoles(),true,'integer');
1194  break;
1195 
1196  // all role templates
1197  case self::FILTER_TEMPLATES:
1198  $where = "WHERE object_data.type = 'rolt'";
1199  $assign = "n";
1200  break;
1201 
1202  // only assigned roles, handled by ilObjUserGUI::roleassignmentObject()
1203  case 0:
1204  default:
1205  if(!$a_user_id)
1206  return array();
1207 
1208  $where = 'WHERE '.$ilDB->in('rbac_fa.rol_id',$this->assignedRoles($a_user_id),false,'integer').' ';
1209  break;
1210  }
1211 
1212  $roles = array();
1213 
1214  $query = "SELECT * FROM object_data ".
1215  "JOIN rbac_fa ON obj_id = rol_id ".
1216  $where.
1217  "AND rbac_fa.assign = ".$ilDB->quote($assign,'text')." ";
1218 
1219  if(strlen($title_filter))
1220  {
1221  $query .= (' AND '.$ilDB->like(
1222  'title',
1223  'text',
1224  '%'.$title_filter.'%'
1225  ));
1226  }
1227 
1228  $res = $ilDB->query($query);
1229  while($row = $ilDB->fetchAssoc($res))
1230  {
1231  $prefix = (substr($row["title"],0,3) == "il_") ? true : false;
1232 
1233  // all (assignable) internal local roles only
1234  if ($a_filter == 4 and !$prefix)
1235  {
1236  continue;
1237  }
1238 
1239  // all (assignable) non internal local roles only
1240  if ($a_filter == 5 and $prefix)
1241  {
1242  continue;
1243  }
1244 
1245  $row["desc"] = $row["description"];
1246  $row["user_id"] = $row["owner"];
1247  $roles[] = $row;
1248  }
1249 
1250  $roles = $this->__setRoleType($roles);
1251 
1252  return $roles ? $roles : array();
1253  }
ilRbacReview\getAssignableRoles
getAssignableRoles($a_templates=false, $a_internal_roles=false, $title_filter='')
Returns a list of all assignable roles public.
Definition: class.ilRbacReview.php:227
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only &#39;global&#39; roles public
Definition: class.ilRbacReview.php:725
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilRbacReview\assignedRoles
assignedRoles($a_usr_id)
get all assigned roles to a given user public
Definition: class.ilRbacReview.php:510
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:354
+ Here is the call graph for this function:

◆ getRolesForIDs()

ilRbacReview::getRolesForIDs (   $role_ids,
  $use_templates 
)

ilDB $ilDB

Parameters
type$role_ids
type$use_templates
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1692 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, __setRoleType(), __setTemplateFilter(), and array.

1693  {
1694  global $ilDB;
1695 
1696  $role_list = array();
1697 
1698  $where = $this->__setTemplateFilter($use_templates);
1699 
1700  $query = "SELECT * FROM object_data ".
1701  "JOIN rbac_fa ON object_data.obj_id = rbac_fa.rol_id ".
1702  $where.
1703  "AND rbac_fa.assign = 'y' " .
1704  'AND '.$ilDB->in('object_data.obj_id',$role_ids,false,'integer');
1705 
1706  $res = $ilDB->query($query);
1707  while($row = $ilDB->fetchAssoc($res))
1708  {
1709  $row["desc"] = $row["description"];
1710  $row["user_id"] = $row["owner"];
1711  $role_list[] = $row;
1712  }
1713 
1714  $role_list = $this->__setRoleType($role_list);
1715  return $role_list;
1716  }
ilRbacReview\__setTemplateFilter
__setTemplateFilter($a_templates)
get roles and templates or only roles; returns string for where clause private
Definition: class.ilRbacReview.php:326
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilRbacReview\__setRoleType
__setRoleType($a_role_list)
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in oth...
Definition: class.ilRbacReview.php:354
+ Here is the call graph for this function:

◆ getRolesOfObject()

ilRbacReview::getRolesOfObject (   $a_ref_id,
  $a_assignable_only = FALSE 
)

Get roles of object.

Parameters
type$a_ref_id
type$a_assignable
Exceptions
InvalidArgumentException
Todo:
refactor rolf => DONE

Definition at line 645 of file class.ilRbacReview.php.

References $GLOBALS, $ilDB, $query, $res, $row, and array.

646  {
647  global $ilDB;
648 
649  if(!isset($a_ref_id))
650  {
651  $GLOBALS['ilLog']->logStack();
652  throw new InvalidArgumentException(__METHOD__.': No ref_id given!');
653  }
654  if($a_assignable_only === TRUE)
655  {
656  $and = 'AND assign = '.$ilDB->quote('y','text');
657  }
658  $query = "SELECT rol_id FROM rbac_fa ".
659  "WHERE parent = ".$ilDB->quote($a_ref_id,'integer')." ".
660  $and;
661 
662  $res = $ilDB->query($query);
663 
664  $role_ids = array();
665  while($row = $ilDB->fetchObject($res))
666  {
667  $role_ids[] = $row->rol_id;
668  }
669  return $role_ids;
670  }
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getRolesOfRoleFolder()

ilRbacReview::getRolesOfRoleFolder (   $a_ref_id,
  $a_nonassignable = true 
)

get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids public

Parameters
integerref_id of object
booleanif false only get true local roles
Returns
array Array with rol_ids
Deprecated:
since version 4.5.0
Todo:
refactor rolf => RENAME

Definition at line 685 of file class.ilRbacReview.php.

References $ilBench, $ilDB, $ilLog, $query, $res, $row, array, and ilLoggerFactory\getLogger().

Referenced by getGlobalRoles(), getGlobalRolesArray(), getLocalPolicies(), and getLocalRoles().

686  {
687  global $ilBench,$ilDB,$ilLog;
688 
689  $ilBench->start("RBAC", "review_getRolesOfRoleFolder");
690 
691  if (!isset($a_ref_id))
692  {
693  $message = get_class($this)."::getRolesOfRoleFolder(): No ref_id given!";
694  ilLoggerFactory::getLogger('ac')->logStack();
695  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
696 
697  }
698 
699  if ($a_nonassignable === false)
700  {
701  $and = " AND assign='y'";
702  }
703 
704  $query = "SELECT rol_id FROM rbac_fa ".
705  "WHERE parent = ".$ilDB->quote($a_ref_id,'integer')." ".
706  $and;
707 
708  $res = $ilDB->query($query);
709  while($row = $ilDB->fetchObject($res))
710  {
711  $rol_id[] = $row->rol_id;
712  }
713 
714  $ilBench->stop("RBAC", "review_getRolesOfRoleFolder");
715 
716  return $rol_id ? $rol_id : array();
717  }
$ilLog
$ilLog
Definition: inc.setup_header.php:130
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilBench
global $ilBench
Definition: ilias.php:18
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:82
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getTypeId()

ilRbacReview::getTypeId (   $a_type)

Get type id of object ilDB $ilDB.

Parameters
type$a_type
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1262 of file class.ilRbacReview.php.

References $a_type, $ilDB, $r, $row, and ilDBConstants\FETCHMODE_OBJECT.

1263  {
1264  global $ilDB;
1265 
1266  $q = "SELECT obj_id FROM object_data ".
1267  "WHERE title=".$ilDB->quote($a_type ,'text')." AND type='typ'";
1268  $r = $ilDB->query($q);
1269 
1270  $row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
1271  return $row->obj_id;
1272  }
$a_type
$a_type
Definition: workflow.php:93
$r
$r
Definition: example_031.php:79
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ getUserPermissionsOnObject()

ilRbacReview::getUserPermissionsOnObject (   $a_user_id,
  $a_ref_id 
)

Get all user permissions on an object.

Parameters
int$a_user_iduser id
int$a_ref_idref id
Todo:
refactor rolf => DONE

Definition at line 1820 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and array.

1821  {
1822  global $ilDB;
1823 
1824  $query = "SELECT ops_id FROM rbac_pa JOIN rbac_ua ".
1825  "ON (rbac_pa.rol_id = rbac_ua.rol_id) ".
1826  "WHERE rbac_ua.usr_id = ".$ilDB->quote($a_user_id,'integer')." ".
1827  "AND rbac_pa.ref_id = ".$ilDB->quote($a_ref_id,'integer')." ";
1828 
1829  $res = $ilDB->query($query);
1830  $all_ops = array();
1831  while ($row = $ilDB->fetchObject($res))
1832  {
1833  $ops = unserialize($row->ops_id);
1834  $all_ops = array_merge($all_ops, $ops);
1835  }
1836  $all_ops = array_unique($all_ops);
1837 
1838  $set = $ilDB->query("SELECT operation FROM rbac_operations ".
1839  " WHERE ".$ilDB->in("ops_id", $all_ops, false, "integer"));
1840  $perms = array();
1841  while ($rec = $ilDB->fetchAssoc($set))
1842  {
1843  $perms[] = $rec["operation"];
1844  }
1845 
1846  return $perms;
1847  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ hasMultipleAssignments()

ilRbacReview::hasMultipleAssignments (   $a_role_id)

Temporary bugfix.

Todo:
refactor rolf => DONE

Definition at line 591 of file class.ilRbacReview.php.

References $ilDB, $query, and $res.

592  {
593  global $ilDB;
594 
595  $query = "SELECT * FROM rbac_fa WHERE rol_id = ".$ilDB->quote($a_role_id,'integer').' '.
596  "AND assign = ".$ilDB->quote('y','text');
597  $res = $ilDB->query($query);
598  return $res->numRows() > 1;
599  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isAssignable()

ilRbacReview::isAssignable (   $a_rol_id,
  $a_ref_id 
)

Check if its possible to assign users public.

Parameters
integerobject id of role
integerref_id of object in question
Returns
boolean
Todo:
refactor rolf (expects object reference id instead of rolf) => DONE

Definition at line 557 of file class.ilRbacReview.php.

References $ilBench, $ilDB, $query, $res, and $row.

Referenced by getLocalRoles(), and isDeleteable().

558  {
559  global $ilBench,$ilDB;
560 
561  $ilBench->start("RBAC", "review_isAssignable");
562 
563  // exclude system role from rbac
564  if ($a_rol_id == SYSTEM_ROLE_ID)
565  {
566  $ilBench->stop("RBAC", "review_isAssignable");
567  return true;
568  }
569 
570  if (!isset($a_rol_id) or !isset($a_ref_id))
571  {
572  $message = get_class($this)."::isAssignable(): Missing parameter!".
573  " role_id: ".$a_rol_id." ,ref_id: ".$a_ref_id;
574  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
575  }
576  $query = "SELECT * FROM rbac_fa ".
577  "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ".
578  "AND parent = ".$ilDB->quote($a_ref_id,'integer')." ";
579  $res = $ilDB->query($query);
580  $row = $ilDB->fetchObject($res);
581 
582  $ilBench->stop("RBAC", "review_isAssignable");
583  return $row->assign == 'y' ? true : false;
584  }
$ilBench
global $ilBench
Definition: ilias.php:18
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ isAssigned()

ilRbacReview::isAssigned (   $a_usr_id,
  $a_role_id 
)

check if a specific user is assigned to specific role public

Parameters
integerusr_id
integerrole_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 458 of file class.ilRbacReview.php.

References $ilDB, $query, and $res.

459  {
460  if(isset(self::$is_assigned_cache[$a_role_id][$a_usr_id])) {
461  return self::$is_assigned_cache[$a_role_id][$a_usr_id];
462  }
463  // Quickly determine if user is assigned to a role
464  global $ilDB;
465 
466  $ilDB->setLimit(1,0);
467  $query = "SELECT usr_id FROM rbac_ua WHERE ".
468  "rol_id= ".$ilDB->quote($a_role_id,'integer')." ".
469  "AND usr_id= ".$ilDB->quote($a_usr_id);
470  $res = $ilDB->query($query);
471 
472  $is_assigned = $res->numRows() == 1;
473  self::$is_assigned_cache[$a_role_id][$a_usr_id] = $is_assigned;
474 
475  return $is_assigned;
476  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isAssignedToAtLeastOneGivenRole()

ilRbacReview::isAssignedToAtLeastOneGivenRole (   $a_usr_id,
  $a_role_ids 
)

check if a specific user is assigned to at least one of the given role ids.

This function is used to quickly check whether a user is member of a course or a group.

public

Parameters
integerusr_id
array[integer]role_ids
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 490 of file class.ilRbacReview.php.

References $ilDB, $query, and $res.

491  {
492  global $ilDB;
493 
494  $ilDB->setLimit(1,0);
495  $query = "SELECT usr_id FROM rbac_ua WHERE ".
496  $ilDB->in('rol_id',$a_role_ids,false,'integer').
497  " AND usr_id= ".$ilDB->quote($a_usr_id);
498  $res = $ilDB->query($query);
499 
500  return $ilDB->numRows($res) == 1;
501  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isBlockedAtPosition()

ilRbacReview::isBlockedAtPosition (   $a_role_id,
  $a_ref_id 
)

Check if role is blocked at position ilDB $ilDB.

Parameters
type$a_role_id
type$a_ref_id
Returns
boolean

Definition at line 1408 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and ilDBConstants\FETCHMODE_OBJECT.

Referenced by isBlockedInUpperContext().

1409  {
1410  global $ilDB;
1411 
1412  $query = 'SELECT blocked from rbac_fa '.
1413  'WHERE rol_id = '. $ilDB->quote($a_role_id,'integer').' '.
1414  'AND parent = '.$ilDB->quote($a_ref_id,'integer');
1415  $res = $ilDB->query($query);
1416  while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1417  {
1418  return (bool) $row->blocked;
1419  }
1420  return FALSE;
1421  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ isBlockedInUpperContext()

ilRbacReview::isBlockedInUpperContext (   $a_role_id,
  $a_ref_id 
)

Check if role is blocked in upper context.

Parameters
type$a_role_id
type$a_ref_id

Definition at line 1428 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, array, ilDBConstants\FETCHMODE_OBJECT, and isBlockedAtPosition().

1429  {
1430  global $ilDB, $tree;
1431 
1432  if($this->isBlockedAtPosition($a_role_id, $a_ref_id))
1433  {
1434  return FALSE;
1435  }
1436  $query = 'SELECT parent from rbac_fa '.
1437  'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
1438  'AND blocked = '.$ilDB->quote(1,'integer');
1439  $res = $ilDB->query($query);
1440 
1441  $parent_ids = array();
1442  while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1443  {
1444  $parent_ids[] = $row->parent;
1445  }
1446 
1447  foreach($parent_ids as $parent_id)
1448  {
1449  if($tree->isGrandChild($parent_id, $a_ref_id))
1450  {
1451  return TRUE;
1452  }
1453  }
1454  return FALSE;
1455  }
ilRbacReview\isBlockedAtPosition
isBlockedAtPosition($a_role_id, $a_ref_id)
Check if role is blocked at position ilDB $ilDB.
Definition: class.ilRbacReview.php:1408
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ isDeleteable()

ilRbacReview::isDeleteable (   $a_role_id,
  $a_rolf_id 
)

Check if role is deleteable at a specific position.

Parameters
object$a_role_id
introlf_id
Returns
Todo:
refactor rolf => DONE

Definition at line 1752 of file class.ilRbacReview.php.

References ilObject\_lookupTitle(), and isAssignable().

1753  {
1754  if(!$this->isAssignable($a_role_id, $a_rolf_id))
1755  {
1756  return false;
1757  }
1758  if($a_role_id == SYSTEM_ROLE_ID or $a_role_id == ANONYMOUS_ROLE_ID)
1759  {
1760  return false;
1761  }
1762  if(substr(ilObject::_lookupTitle($a_role_id),0,3) == 'il_')
1763  {
1764  return false;
1765  }
1766  return true;
1767  }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:924
ilRbacReview\isAssignable
isAssignable($a_rol_id, $a_ref_id)
Check if its possible to assign users public.
Definition: class.ilRbacReview.php:557
+ Here is the call graph for this function:

◆ isDeleted()

ilRbacReview::isDeleted (   $a_node_id)

Checks if a rolefolder is set as deleted (negative tree_id) public.

Parameters
integerref_id of rolefolder
Returns
boolean true if rolefolder is set as deleted
Todo:
refactor rolf => DELETE method

Definition at line 1123 of file class.ilRbacReview.php.

References $ilDB, $r, $row, ilDBConstants\FETCHMODE_OBJECT, and ilDB\query().

Referenced by isRoleDeleted().

1124  {
1125  global $ilDB;
1126 
1127  $q = "SELECT tree FROM tree WHERE child =".$ilDB->quote($a_node_id)." ";
1128  $r = $this->ilDB->query($q);
1129 
1130  $row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
1131 
1132  if (!$row)
1133  {
1134  $message = sprintf('%s::isDeleted(): Role folder with ref_id %s not found!',
1135  get_class($this),
1136  $a_node_id);
1137  $this->log->write($message,$this->log->FATAL);
1138 
1139  return true;
1140  }
1141 
1142  // rolefolder is deleted
1143  if ($row->tree < 0)
1144  {
1145  return true;
1146  }
1147 
1148  return false;
1149  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1415
$r
$r
Definition: example_031.php:79
ilDB
Database Wrapper.
Definition: class.ilDB.php:29
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isGlobalRole()

ilRbacReview::isGlobalRole (   $a_role_id)

Check if role is a global role.

Parameters
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1157 of file class.ilRbacReview.php.

References getGlobalRoles().

1158  {
1159  return in_array($a_role_id,$this->getGlobalRoles());
1160  }
ilRbacReview\getGlobalRoles
getGlobalRoles()
get only &#39;global&#39; roles public
Definition: class.ilRbacReview.php:725
+ Here is the call graph for this function:

◆ isProtected()

ilRbacReview::isProtected (   $a_ref_id,
  $a_role_id 
)
Todo:
refactor rolf => search calls ilDB $ilDB
Parameters
type$a_ref_id
type$a_role_id
Returns
type
Todo:
refactor rolf => DONE

Definition at line 1388 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and ilUtil\yn2tf().

1389  {
1390  global $ilDB;
1391 
1392  // ref_id not used yet. protected permission acts 'global' for each role,
1393  $query = "SELECT protected FROM rbac_fa ".
1394  "WHERE rol_id = ".$ilDB->quote($a_role_id,'integer')." ";
1395  $res = $ilDB->query($query);
1396  $row = $ilDB->fetchAssoc($res);
1397 
1398  return ilUtil::yn2tf($row['protected']);
1399  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilUtil\yn2tf
static yn2tf($a_yn)
convert "y"/"n" to true/false
Definition: class.ilUtil.php:3228
+ Here is the call graph for this function:

◆ isRoleAssignedToObject()

ilRbacReview::isRoleAssignedToObject (   $a_role_id,
  $a_parent_id 
)

Check if role is assigned to an object.

Todo:
refactor rolf => DONE (renamed)

Definition at line 807 of file class.ilRbacReview.php.

References $ilDB, $query, and $res.

808  {
809  global $rbacreview, $ilDB;
810 
811  $query = 'SELECT * FROM rbac_fa '.
812  'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
813  'AND parent = '.$ilDB->quote($a_parent_id,'integer');
814  $res = $ilDB->query($query);
815  return $res->numRows() ? true : false;
816  }
$ilDB
global $ilDB
Definition: storeScorm2004.php:16

◆ isRoleDeleted()

ilRbacReview::isRoleDeleted (   $a_role_id)

return if role is only attached to deleted role folders

Parameters
int$a_role_id
Returns
boolean
Todo:
refactor rolf => DONE

Definition at line 1666 of file class.ilRbacReview.php.

References getFoldersAssignedToRole(), and isDeleted().

1667  {
1668  $rolf_list = $this->getFoldersAssignedToRole($a_role_id, false);
1669  $deleted = true;
1670  if (count($rolf_list))
1671  {
1672  foreach ($rolf_list as $rolf) {
1673  // only list roles that are not set to status "deleted"
1674  if (!$this->isDeleted($rolf))
1675  {
1676  $deleted = false;
1677  break;
1678  }
1679  }
1680  }
1681  return $deleted;
1682  }
ilRbacReview\isDeleted
isDeleted($a_node_id)
Checks if a rolefolder is set as deleted (negative tree_id) public.
Definition: class.ilRbacReview.php:1123
ilRbacReview\getFoldersAssignedToRole
getFoldersAssignedToRole($a_rol_id, $a_assignable=false)
Returns an array of objects assigned to a role.
Definition: class.ilRbacReview.php:612
+ Here is the call graph for this function:

◆ isSystemGeneratedRole()

ilRbacReview::isSystemGeneratedRole (   $a_role_id)

Check if the role is system generate role or role template.

Parameters
int$a_role_id
Returns
bool
Todo:
refactor rolf => DONE

Definition at line 1775 of file class.ilRbacReview.php.

References $title, and ilObject\_lookupTitle().

1776  {
1777  $title = ilObject::_lookupTitle($a_role_id);
1778  return substr($title,0,3) == 'il_' ? true : false;
1779  }
ilObject\_lookupTitle
static _lookupTitle($a_id)
lookup object title
Definition: class.ilObject.php:924
+ Here is the call graph for this function:

◆ lookupCreateOperationIds()

static ilRbacReview::lookupCreateOperationIds (   $a_type_arr)
static

Lookup operation ids.

Parameters
array$a_type_arre.g array('cat','crs','grp'). The operation name (e.g. 'create_cat') is generated automatically
Returns
array int Array with operation ids
Todo:
refactor rolf => DONE

Definition at line 1347 of file class.ilRbacReview.php.

References $ilDB, $query, $res, $row, and array.

Referenced by ilObjectXMLWriter\__appendOperations(), ilObjectRoleTemplatePermissionTableGUI\parse(), ilObjectRolePermissionTableGUI\parse(), ilPermissionGUI\savePermissions(), and ilObjStudyProgrammeTest\testCreatePermissionExists().

1348  {
1349  global $ilDB;
1350 
1351  $operations = array();
1352  foreach($a_type_arr as $type)
1353  {
1354  $operations[] = ('create_'.$type);
1355  }
1356 
1357  if(!count($operations))
1358  {
1359  return array();
1360  }
1361 
1362  $query = 'SELECT ops_id, operation FROM rbac_operations '.
1363  'WHERE '.$ilDB->in('operation',$operations,false,'text');
1364 
1365  $res = $ilDB->query($query);
1366 
1367  $ops_ids = array();
1368  while($row = $ilDB->fetchObject($res))
1369  {
1370  $type_arr = explode('_', $row->operation);
1371  $type = $type_arr[1];
1372 
1373  $ops_ids[$type] = $row->ops_id;
1374  }
1375  return $ops_ids;
1376  }
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the caller graph for this function:

◆ roleExists()

ilRbacReview::roleExists (   $a_title,
  $a_id = 0 
)

Checks if a role already exists.

Role title should be unique public

Parameters
stringrole title
integerobj_id of role to exclude in the check. Commonly this is the current role you want to edit
Returns
boolean true if exists
Todo:
refactor rolf => DONE

Definition at line 78 of file class.ilRbacReview.php.

References $ilDB, $r, $row, ilDBConstants\FETCHMODE_OBJECT, and ilDB\query().

79  {
80  global $ilDB;
81 
82  if (empty($a_title))
83  {
84  $message = get_class($this)."::roleExists(): No title given!";
85  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
86  }
87 
88  $clause = ($a_id) ? " AND obj_id != ".$ilDB->quote($a_id)." " : "";
89 
90  $q = "SELECT DISTINCT(obj_id) obj_id FROM object_data ".
91  "WHERE title =".$ilDB->quote($a_title)." ".
92  "AND type IN('role','rolt')".
93  $clause." ";
94  $r = $this->ilDB->query($q);
95 
96  while($row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
97  {
98  return $row->obj_id;
99  }
100  return false;
101  }
ilDB\query
query($sql, $a_handle_error=true)
Query.
Definition: class.ilDB.php:1415
$r
$r
Definition: example_031.php:79
ilDB
Database Wrapper.
Definition: class.ilDB.php:29
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
+ Here is the call graph for this function:

◆ setAssignedCacheEntry()

ilRbacReview::setAssignedCacheEntry (   $a_role_id,
  $a_user_id,
  $a_value 
)

set entry of assigned_chache

Parameters
int$a_role_id
int$a_user_id
bool$a_value

Definition at line 1855 of file class.ilRbacReview.php.

1856  {
1857  self::$is_assigned_cache[$a_role_id][$a_user_id] = $a_value;
1858  }

Field Documentation

◆ $_opsCache

ilRbacReview::$_opsCache = null
staticprivate

Definition at line 29 of file class.ilRbacReview.php.

◆ $assigned_users_cache

ilRbacReview::$assigned_users_cache = array()
staticprotected

Definition at line 34 of file class.ilRbacReview.php.

◆ $is_assigned_cache

ilRbacReview::$is_assigned_cache = array()
staticprotected

Definition at line 39 of file class.ilRbacReview.php.

◆ $log

ilRbacReview::$log
protected

Definition at line 44 of file class.ilRbacReview.php.

Referenced by __setProtectedStatus().

◆ FILTER_ALL

const ilRbacReview::FILTER_ALL = 1

Definition at line 21 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_ALL_GLOBAL

const ilRbacReview::FILTER_ALL_GLOBAL = 2

Definition at line 22 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

◆ FILTER_ALL_LOCAL

const ilRbacReview::FILTER_ALL_LOCAL = 3

Definition at line 23 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

◆ FILTER_INTERNAL

const ilRbacReview::FILTER_INTERNAL = 4

Definition at line 24 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter(), and ilRoleTableGUI\parse().

◆ FILTER_NOT_INTERNAL

const ilRbacReview::FILTER_NOT_INTERNAL = 5

Definition at line 25 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

◆ FILTER_TEMPLATES

const ilRbacReview::FILTER_TEMPLATES = 6

Definition at line 26 of file class.ilRbacReview.php.

Referenced by ilRoleTableGUI\initFilter().

The documentation for this class was generated from the following file: