ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilObjectPermissionStatusGUI.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3require_once('./Services/Repository/classes/class.ilObjectPlugin.php');
4
16class ilObjectPermissionStatusGUI
17{
19 var $user;
21 var $lng;
23 var $ilCtrl;
25 var $tpl;
27 var $object;
29 var $rbacreview;
30 var $user_roles;
31 var $global_roles;
32 var $valid_roles;
33 var $assigned_valid_roles;
34
35 const IMG_OK = 0;
36 const IMG_NOT_OK = 1;
37
38
43 public function __construct(&$a_obj)
44 {
45 global $ilCtrl,$lng,$rbacreview, $tpl;
46
47 $this->lng = $lng;
48 $this->ilCtrl = $ilCtrl;
49 $this->tpl = $tpl;
50 $this->object = $a_obj;
51 $this->rbacreview = $rbacreview;
52
53 $this->user = $this->getUser();
54 $this->user_roles = $rbacreview->assignedRoles($this->user->getId());
55 $this->global_roles = $rbacreview->getGlobalRoles();
56 $this->valid_roles = $rbacreview->getParentRoleIds($this->object->getRefId());
57 $this->assigned_valid_roles = $this->getAssignedValidRoles();
58
59 }
60
64 public function executeCommand()
65 {
66 global $ilCtrl;
67
68 // determine next class in the call structure
69 $next_class = $this->ilCtrl->getNextClass($this);
70
71 switch($next_class)
72 {
73 case 'ilrepositorysearchgui':
74 include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
75 $rep_search = new ilRepositorySearchGUI();
76 $this->ilCtrl->setReturn($this,'perminfo');
77 $this->ilCtrl->forwardCommand($rep_search);
78 break;
79
80 default:
81 $cmd = $this->ilCtrl->getCmd();
82 $this->$cmd();
83 break;
84 }
85 }
86
90 function perminfo()
91 {
92 $tpl = new ilTemplate("tpl.info_layout.html", false, false, "Services/AccessControl");
93
94 $tpl->setVariable("INFO_SUMMARY",$this->accessStatusInfo());
95 $tpl->setVariable("INFO_PERMISSIONS",$this->accessPermissionsTable());
96 $tpl->setVariable("INFO_ROLES",$this->availableRolesTable());
97 $tpl->setVariable("INFO_REMARK_INTERRUPTED",$this->lng->txt('info_remark_interrupted'));
98
99 $this->tpl->setVariable("ADM_CONTENT", $tpl->get());
100
101 $this->addToolbar();
102 }
103
107 function addToolbar()
108 {
109 global $ilToolbar;
110
111 $ilToolbar->setFormAction($this->ilCtrl->getFormAction($this, "perminfo"));
112
113 $ilToolbar->addText($this->lng->txt('user'));
114
115 include_once("./Services/Form/classes/class.ilTextInputGUI.php");
116
117 $login = new ilTextInputGUI($this->lng->txt("username"), "user_login");
118 $login->setDataSource($this->ilCtrl->getLinkTargetByClass(array(get_class($this),
119 'ilRepositorySearchGUI'), 'doUserAutoComplete', '', true));
120 $login->setSize(15);
121 $login->setValue($this->user->getLogin());
122
123 $ilToolbar->addInputItem($login);
124
125 $ilToolbar->addFormButton($this->lng->txt("info_change_user_view"), "perminfo");
126
127 //$ilToolbar->addText($lng->txt("info_enter_login_or_id"));
128 }
129
134 function accessStatusInfo()
135 {
136 include_once("./Services/InfoScreen/classes/class.ilInfoScreenGUI.php");
137
138 $info = new ilInfoScreenGUI(new stdClass());
139 $info->setFormAction($this->ilCtrl->getFormAction($this));
140
141 $info->addSection($this->lng->txt("info_access_and_status_info"));
142
143 foreach($this->getAccessStatusInfoData() as $data)
144 {
145 $info->addProperty($data[0], $data[1]);
146 }
147
148 return $info->getHTML();
149 }
150
155 function accessPermissionsTable()
156 {
157 include_once("./Services/AccessControl/classes/class.ilAccessPermissionsStatusTableGUI.php");
158
159 $table = new ilAccessPermissionsStatusTableGUI($this, "perminfo");
160
161 $table->setData($this->getAccessPermissionTableData());
162 $table->setTitle($this->lng->txt("info_access_permissions"));
163
164 return $table->getHTML();
165 }
166
171 function availableRolesTable()
172 {
173 include_once("./Services/AccessControl/classes/class.ilAvailableRolesStatusTableGUI.php");
174
175 $table = new ilAvailableRolesStatusTableGUI($this, "perminfo");
176
177 $table->setData($this->getAvailableRolesTableData());
178 $table->setTitle($this->lng->txt("info_available_roles"));
179
180 return $table->getHTML();
181 }
182
187 function getAssignedValidRoles()
188 {
189 include_once ('./Services/AccessControl/classes/class.ilObjRole.php');
190 $assigned_valid_roles = array();
191
192 foreach ($this->valid_roles as $role)
193 {
194 if (in_array($role['obj_id'],$this->user_roles))
195 {
196 if ($role["obj_id"] == SYSTEM_ROLE_ID)
197 {
198 // get all possible operation of current object
199 $ops_list = ilRbacReview::_getOperationList($this->object->getType());
200
201 foreach ($ops_list as $ops_data)
202 {
203 $ops[] = (int) $ops_data['ops_id'];
204 }
205
206 $role['ops'] = $ops;
207 }
208 else
209 {
210 $role['ops'] = $this->rbacreview->getRoleOperationsOnObject($role["obj_id"],$this->object->getRefId());
211 }
212
213 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
214 $role['translation'] = str_replace(" ","&nbsp;",ilObjRole::_getTranslation($role["title"]));
215 $assigned_valid_roles[] = $role;
216 }
217 }
218
219 $this->assigned_valid_roles = $assigned_valid_roles;
220
221 return $assigned_valid_roles;
222 }
223
229 function getCommands($a_type)
230 {
231 global $objDefinition;
232
233 $class = $objDefinition->getClassName($a_type);
234 $location = $objDefinition->getLocation($a_type);
235 $full_class = "ilObj".$class."Access";
236 include_once($location."/class.".$full_class.".php");
237
238 $cmds = call_user_func(array($full_class, "_getCommands"));
239
240 array_push($cmds,array('permission' => 'visible','cmd' => 'info'));
241
242 return $cmds;
243 }
244
249 function getUser()
250 {
251 global $ilUser;
252
253 if (!isset($_POST['user_login']))
254 {
255 $user =& $ilUser;
256 }
257 else
258 {
259 include_once('Services/User/classes/class.ilObjUser.php');
260 $user_id = ilObjUser::_lookupId($_POST['user_login']);
261
262 $factory = new ilObjectFactory();
263 $user = $factory->getInstanceByObjId($user_id,false);
264
265
266 if ($user === false or $user->getType() != 'usr')
267 {
268 $user =& $ilUser;
269 ilUtil::sendFailure($this->lng->txt('info_err_user_not_exist'));
270 }
271 else
272 {
273 ilUtil::sendInfo($this->lng->txt('info_user_view_changed'));
274 }
275 }
276
277 return $user;
278 }
279
284 function getAccessStatusInfoData()
285 {
286 global $ilAccess;
287 $infos = array();
288
289 $result_set[0][] = $this->lng->txt("info_view_of_user");
290 $result_set[0][] = $this->user->getFullname()." (#".$this->user->getId().")";
291
292 $assigned_valid_roles = array();
293
294 foreach ($this->getAssignedValidRoles() as $role)
295 {
296 $assigned_valid_roles[] = $role["translation"];
297 }
298
299 $roles_str = implode(", ",$assigned_valid_roles);
300
301 $result_set[1][] = $this->lng->txt("roles");
302 $result_set[1][] = $roles_str;
303
304 $result_set[2][] = $this->lng->txt("status");
305
306 $ilAccess->clear();
307 $ilAccess->checkAccessOfUser(
308 $this->user->getId(),
309 'read',
310 '',
311 $this->object->getRefId(),
312 $this->object->getType(),
313 $this->object->getId()
314 );
315
316 $infos = array_merge($infos,$ilAccess->getInfo());
317
318 $cmds = $this->getCommands($this->object->getType());
319
320 foreach ($cmds as $cmd)
321 {
322 $ilAccess->clear();
323 $ilAccess->doStatusCheck($cmd['permission'],$cmd['cmd'],$this->object->getRefId(),$this->user->getId(),$this->object->getId(),$this->object->getType());
324 $infos = array_merge($infos,$ilAccess->getInfo());
325 }
326
327 $alert = "il_ItemAlertProperty";
328 $okay = "il_ItemOkayProperty";
329 $text = "";
330
331 if (!$infos)
332 {
333 $text = "<span class=\"".$okay."\">".$this->lng->txt("access")."</span><br/> ";
334 }
335 else
336 {
337 foreach ($infos as $info)
338 {
339 switch ($info['type'])
340 {
341 case IL_STATUS_MESSAGE:
342 $text .= "<span class=\"".$okay."\">".$info['text']."</span><br/> ";
343 break;
344
345 case IL_NO_PARENT_ACCESS:
346 $factory = new ilObjectFactory();
347 $obj = $factory->getInstanceByRefId($info['data']);
348 $text .= "<span class=\"".$alert."\">".$info['text']." (".$this->lng->txt("obj_".$obj->getType())." #".$obj->getId().": ".$obj->getTitle().")</span><br/> ";
349 break;
350
351 default:
352 $text .= "<span class=\"".$alert."\">".$info['text']."</span><br/> ";
353 break;
354
355 }
356 }
357 }
358
359 $result_set[2][] = $text;
360
361 return $result_set;
362 }
363
368 function getAccessPermissionTableData()
369 {
370 global $ilAccess,$ilObjDataCache,$objDefinition;
371
372 // get all possible operation of current object
373 $ops_list = ilRbacReview::_getOperationList($this->object->getType());
374
375 $counter = 0;
376 $result_set = array();
377
378 // check permissions of user
379 foreach ($ops_list as $ops)
380 {
381 $access = $ilAccess->doRBACCheck($ops['operation'],"info",$this->object->getRefId(),$this->user->getId(),$this->object->getType());
382
383 $result_set[$counter]["img"] = $access ? self::IMG_OK : self::IMG_NOT_OK;
384
385 if (substr($ops['operation'], 0, 7) == "create_" &&
386 $objDefinition->isPlugin(substr($ops['operation'], 7)))
387 {
388 $result_set[$counter]["operation"] = ilObjectPlugin::lookupTxtById(substr($ops['operation'],7),
389 'rbac_'.$ops['operation']);
390 }
391 else if ($objDefinition->isPlugin($this->object->getType()))
392 {
393 $result_set[$counter]["operation"] = ilObjectPlugin::lookupTxtById($this->object->getType(),
394 $this->object->getType()."_".$ops['operation']);
395 }
396 elseif(substr($ops['operation'],0,7) == 'create_')
397 {
398 $result_set[$counter]["operation"] = $this->lng->txt('rbac_'.$ops['operation']);
399 }
400 else
401 {
402 $result_set[$counter]["operation"] = $this->lng->txt($this->object->getType()."_".$ops['operation']);
403 }
404
405 $list_role = [];
406
407 // Check ownership
408 if($this->user->getId() == $ilObjDataCache->lookupOwner($this->object->getId()))
409 {
410 if(
411 (substr($ops['operation'],0,7) != 'create_') and
412 ($ops['operation'] != 'edit_permission') and
413 ($ops['operation'] != 'edit_leanring_progress')
414 )
415 {
416 $list_role[] = $this->lng->txt('info_owner_of_object');
417 }
418 }
419 // get operations on object for each assigned role to user
420 foreach ($this->getAssignedValidRoles() as $role)
421 {
422 if (in_array($ops['ops_id'],$role['ops']))
423 {
424 $list_role[] = $role['translation'];
425 }
426 }
427
428 if (empty($list_role))
429 {
430 $list_role[] = $this->lng->txt('none');
431 }
432
433
434 $result_set[$counter]["role_ownership"] = $list_role;
435
436 ++$counter;
437 }
438
439 return $result_set;
440 }
441
446 function getAvailableRolesTableData()
447 {
448 global $tree;
449
450 include_once('./Services/AccessControl/classes/class.ilObjRole.php');
451
452 $path = array_reverse($tree->getPathId($this->object->getRefId()));
453
454 include_once ('./Services/AccessControl/classes/class.ilObjRole.php');
455 $counter = 0;
456
457 foreach ($this->valid_roles as $role)
458 {
459 $result_set[$counter]["img"] = in_array($role['obj_id'],$this->user_roles) ? self::IMG_OK : self::IMG_NOT_OK;
460 $result_set[$counter]["role"] = str_replace(" ","&nbsp;",ilObjRole::_getTranslation($role["title"]));
461
462 if ($role['role_type'] != "linked")
463 {
464 $result_set[$counter]["effective_from"] = "";
465 }
466 else
467 {
468 $rolfs = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"]);
469
470 // ok, try to match the next rolf in path
471 foreach ($path as $node)
472 {
473 if ($node == 1)
474 {
475 break;
476 }
477
478
479 if (in_array($node,$rolfs))
480 {
481 $nodedata = $tree->getNodeData($node);
482 $result_set[$counter]["effective_from"] = $nodedata["title"];
483 $result_set[$counter]["effective_from_ref_id"] = $node;
484 break;
485 }
486 }
487 }
488
489 if (in_array($role['obj_id'],$this->global_roles))
490 {
491 $result_set[$counter]["original_position"] = $this->lng->txt("global");
492 $result_set[$counter]["original_position_ref_id"] = false;
493 }
494 else
495 {
496 $rolf = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"],true);
497 $parent_node = $tree->getNodeData($rolf[0]);
498 $result_set[$counter]["original_position"] = $parent_node["title"];
499 $result_set[$counter]["original_position_ref_id"] = $parent_node["ref_id"];
500 }
501
502 ++$counter;
503 }
504
505 return $result_set;
506 }
507}
user
user()
Definition: user.php:4
$path
$path
Definition: aliased.php:25
$location
$location
Definition: buildRTE.php:44
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
php
An exception for terminatinating execution or to throw for unit testing.
IL_NO_PARENT_ACCESS
const IL_NO_PARENT_ACCESS
Definition: class.ilAccessInfo.php:27
ilAccessPermissionsStatusTableGUI
Table for Acces Permissons in Permission > Permission of User.
Definition: class.ilAccessPermissionsStatusTableGUI.php:14
ilAvailableRolesStatusTableGUI
Table for Available Roles in Permission > Permission of User.
Definition: class.ilAvailableRolesStatusTableGUI.php:14
ilCtrl
This class provides processing control methods.
Definition: class.ilCtrl.php:12
ilCtrl\getCmd
getCmd($a_default_cmd="", $a_safe_commands="")
Determines current get/post command.
Definition: class.ilCtrl.php:1037
ilCtrl\setReturn
setReturn($a_gui_obj, $a_cmd)
Set return command.
Definition: class.ilCtrl.php:1497
ilCtrl\getLinkTargetByClass
getLinkTargetByClass($a_class, $a_cmd="", $a_anchor="", $a_asynch=false, $xml_style=true)
Get link target for command using gui class name.
Definition: class.ilCtrl.php:1462
ilCtrl\getNextClass
getNextClass($a_gui_class=null)
Get next class in the control path from the current class to the target command class.
Definition: class.ilCtrl.php:858
ilCtrl\getFormAction
getFormAction($a_gui_obj, $a_fallback_cmd="", $a_anchor="", $a_asynch=false, $xml_style=true)
Get form action url for gui class object.
Definition: class.ilCtrl.php:1166
ilCtrl\forwardCommand
forwardCommand($a_gui_object)
Forward flow of control to next gui class this invokes the executeCommand() method of the gui object ...
Definition: class.ilCtrl.php:170
ilInfoScreenGUI
Class ilInfoScreenGUI.
Definition: class.ilInfoScreenGUI.php:19
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:508
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:787
ilObjectFactory
Class ilObjectFactory.
Definition: class.ilObjectFactory.php:21
ilObjectPermissionStatusGUI
This class displays the permission status of a user concerning a specific object.
Definition: class.ilObjectPermissionStatusGUI.php:17
ilObjectPermissionStatusGUI\__construct
__construct(&$a_obj)
Constructor @access public.
Definition: class.ilObjectPermissionStatusGUI.php:43
ilObjectPermissionStatusGUI\accessStatusInfo
accessStatusInfo()
Access- and Statusinformation Info.
Definition: class.ilObjectPermissionStatusGUI.php:134
ilObjectPermissionStatusGUI\accessPermissionsTable
accessPermissionsTable()
Access Permissions Table.
Definition: class.ilObjectPermissionStatusGUI.php:155
ilObjectPermissionStatusGUI\getAccessPermissionTableData
getAccessPermissionTableData()
Access Permissions Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:368
ilObjectPermissionStatusGUI\getAvailableRolesTableData
getAvailableRolesTableData()
Available Roles Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:446
ilObjectPlugin\lookupTxtById
static lookupTxtById($plugin_id, $lang_var)
Definition: class.ilObjectPlugin.php:74
ilRbacReview\_getOperationList
static _getOperationList($a_type=null)
get operation list by object type @access public @access static
Definition: class.ilRbacReview.php:1539
ilTemplate
special template class to simplify handling of ITX/PEAR
Definition: class.ilTemplate.php:14
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:17
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4771
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4757
$counter
$counter
Definition: config-scanner.php:59
$text
$text
Definition: example_020.php:127
$info
$info
Definition: example_052.php:80
$cmd
$cmd
Definition: sahs_server.php:35
$ilUser
$ilUser
Definition: imgupload.php:18
$a_type
$a_type
Definition: workflow.php:93