ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilObjectPermissionStatusGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 require_once('./Services/Repository/classes/class.ilObjectPlugin.php');
4 
16 class ilObjectPermissionStatusGUI
17 {
19  var $user;
21  var $lng;
23  var $ilCtrl;
25  var $tpl;
27  var $object;
29  var $rbacreview;
30  var $user_roles;
31  var $global_roles;
32  var $valid_roles;
33  var $assigned_valid_roles;
34 
35  const IMG_OK = 0;
36  const IMG_NOT_OK = 1;
37 
38 
43  public function __construct(&$a_obj)
44  {
45  global $ilCtrl,$lng,$rbacreview, $tpl;
46 
47  $this->lng = $lng;
48  $this->ilCtrl = $ilCtrl;
49  $this->tpl = $tpl;
50  $this->object = $a_obj;
51  $this->rbacreview = $rbacreview;
52 
53  $this->user = $this->getUser();
54  $this->user_roles = $rbacreview->assignedRoles($this->user->getId());
55  $this->global_roles = $rbacreview->getGlobalRoles();
56  $this->valid_roles = $rbacreview->getParentRoleIds($this->object->getRefId());
57  $this->assigned_valid_roles = $this->getAssignedValidRoles();
58 
59  }
60 
64  public function executeCommand()
65  {
66  global $ilCtrl;
67 
68  // determine next class in the call structure
69  $next_class = $this->ilCtrl->getNextClass($this);
70 
71  switch($next_class)
72  {
73  case 'ilrepositorysearchgui':
74  include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
75  $rep_search = new ilRepositorySearchGUI();
76  $this->ilCtrl->setReturn($this,'perminfo');
77  $this->ilCtrl->forwardCommand($rep_search);
78  break;
79 
80  default:
81  $cmd = $this->ilCtrl->getCmd();
82  $this->$cmd();
83  break;
84  }
85  }
86 
90  function perminfo()
91  {
92  $tpl = new ilTemplate("tpl.info_layout.html", false, false, "Services/AccessControl");
93 
94  $tpl->setVariable("INFO_SUMMARY",$this->accessStatusInfo());
95  $tpl->setVariable("INFO_PERMISSIONS",$this->accessPermissionsTable());
96  $tpl->setVariable("INFO_ROLES",$this->availableRolesTable());
97  $tpl->setVariable("INFO_REMARK_INTERRUPTED",$this->lng->txt('info_remark_interrupted'));
98 
99  $this->tpl->setVariable("ADM_CONTENT", $tpl->get());
100 
101  $this->addToolbar();
102  }
103 
107  function addToolbar()
108  {
109  global $ilToolbar;
110 
111  $ilToolbar->setFormAction($this->ilCtrl->getFormAction($this, "perminfo"));
112 
113  $ilToolbar->addText($this->lng->txt('user'));
114 
115  include_once("./Services/Form/classes/class.ilTextInputGUI.php");
116 
117  $login = new ilTextInputGUI($this->lng->txt("username"), "user_login");
118  $login->setDataSource($this->ilCtrl->getLinkTargetByClass(array(get_class($this),
119  'ilRepositorySearchGUI'), 'doUserAutoComplete', '', true));
120  $login->setSize(15);
121  $login->setValue($this->user->getLogin());
122 
123  $ilToolbar->addInputItem($login);
124 
125  $ilToolbar->addFormButton($this->lng->txt("info_change_user_view"), "perminfo");
126 
127  //$ilToolbar->addText($lng->txt("info_enter_login_or_id"));
128  }
129 
134  function accessStatusInfo()
135  {
136  include_once("./Services/InfoScreen/classes/class.ilInfoScreenGUI.php");
137 
138  $info = new ilInfoScreenGUI(new stdClass());
139  $info->setFormAction($this->ilCtrl->getFormAction($this));
140 
141  $info->addSection($this->lng->txt("info_access_and_status_info"));
142 
143  foreach($this->getAccessStatusInfoData() as $data)
144  {
145  $info->addProperty($data[0], $data[1]);
146  }
147 
148  return $info->getHTML();
149  }
150 
155  function accessPermissionsTable()
156  {
157  include_once("./Services/AccessControl/classes/class.ilAccessPermissionsStatusTableGUI.php");
158 
159  $table = new ilAccessPermissionsStatusTableGUI($this, "perminfo");
160 
161  $table->setData($this->getAccessPermissionTableData());
162  $table->setTitle($this->lng->txt("info_access_permissions"));
163 
164  return $table->getHTML();
165  }
166 
171  function availableRolesTable()
172  {
173  include_once("./Services/AccessControl/classes/class.ilAvailableRolesStatusTableGUI.php");
174 
175  $table = new ilAvailableRolesStatusTableGUI($this, "perminfo");
176 
177  $table->setData($this->getAvailableRolesTableData());
178  $table->setTitle($this->lng->txt("info_available_roles"));
179 
180  return $table->getHTML();
181  }
182 
187  function getAssignedValidRoles()
188  {
189  include_once ('./Services/AccessControl/classes/class.ilObjRole.php');
190  $assigned_valid_roles = array();
191 
192  foreach ($this->valid_roles as $role)
193  {
194  if (in_array($role['obj_id'],$this->user_roles))
195  {
196  if ($role["obj_id"] == SYSTEM_ROLE_ID)
197  {
198  // get all possible operation of current object
199  $ops_list = ilRbacReview::_getOperationList($this->object->getType());
200 
201  foreach ($ops_list as $ops_data)
202  {
203  $ops[] = (int) $ops_data['ops_id'];
204  }
205 
206  $role['ops'] = $ops;
207  }
208  else
209  {
210  $role['ops'] = $this->rbacreview->getRoleOperationsOnObject($role["obj_id"],$this->object->getRefId());
211  }
212 
213  include_once('./Services/AccessControl/classes/class.ilObjRole.php');
214  $role['translation'] = str_replace(" ","&nbsp;",ilObjRole::_getTranslation($role["title"]));
215  $assigned_valid_roles[] = $role;
216  }
217  }
218 
219  $this->assigned_valid_roles = $assigned_valid_roles;
220 
221  return $assigned_valid_roles;
222  }
223 
229  function getCommands($a_type)
230  {
231  global $objDefinition;
232 
233  $class = $objDefinition->getClassName($a_type);
234  $location = $objDefinition->getLocation($a_type);
235  $full_class = "ilObj".$class."Access";
236  include_once($location."/class.".$full_class.".php");
237 
238  $cmds = call_user_func(array($full_class, "_getCommands"));
239 
240  array_push($cmds,array('permission' => 'visible','cmd' => 'info'));
241 
242  return $cmds;
243  }
244 
249  function getUser()
250  {
251  global $ilUser;
252 
253  if (!isset($_POST['user_login']))
254  {
255  $user =& $ilUser;
256  }
257  else
258  {
259  include_once('Services/User/classes/class.ilObjUser.php');
260  $user_id = ilObjUser::_lookupId($_POST['user_login']);
261 
262  $factory = new ilObjectFactory();
263  $user = $factory->getInstanceByObjId($user_id,false);
264 
265 
266  if ($user === false or $user->getType() != 'usr')
267  {
268  $user =& $ilUser;
269  ilUtil::sendFailure($this->lng->txt('info_err_user_not_exist'));
270  }
271  else
272  {
273  ilUtil::sendInfo($this->lng->txt('info_user_view_changed'));
274  }
275  }
276 
277  return $user;
278  }
279 
284  function getAccessStatusInfoData()
285  {
286  global $ilAccess;
287  $infos = array();
288 
289  $result_set[0][] = $this->lng->txt("info_view_of_user");
290  $result_set[0][] = $this->user->getFullname()." (#".$this->user->getId().")";
291 
292  $assigned_valid_roles = array();
293 
294  foreach ($this->getAssignedValidRoles() as $role)
295  {
296  $assigned_valid_roles[] = $role["translation"];
297  }
298 
299  $roles_str = implode(", ",$assigned_valid_roles);
300 
301  $result_set[1][] = $this->lng->txt("roles");
302  $result_set[1][] = $roles_str;
303 
304  $result_set[2][] = $this->lng->txt("status");
305 
306  $ilAccess->clear();
307  $ilAccess->checkAccessOfUser(
308  $this->user->getId(),
309  'read',
310  '',
311  $this->object->getRefId(),
312  $this->object->getType(),
313  $this->object->getId()
314  );
315 
316  $infos = array_merge($infos,$ilAccess->getInfo());
317 
318  $cmds = $this->getCommands($this->object->getType());
319 
320  foreach ($cmds as $cmd)
321  {
322  $ilAccess->clear();
323  $ilAccess->doStatusCheck($cmd['permission'],$cmd['cmd'],$this->object->getRefId(),$this->user->getId(),$this->object->getId(),$this->object->getType());
324  $infos = array_merge($infos,$ilAccess->getInfo());
325  }
326 
327  $alert = "il_ItemAlertProperty";
328  $okay = "il_ItemOkayProperty";
329  $text = "";
330 
331  if (!$infos)
332  {
333  $text = "<span class=\"".$okay."\">".$this->lng->txt("access")."</span><br/> ";
334  }
335  else
336  {
337  foreach ($infos as $info)
338  {
339  switch ($info['type'])
340  {
341  case IL_STATUS_MESSAGE:
342  $text .= "<span class=\"".$okay."\">".$info['text']."</span><br/> ";
343  break;
344 
345  case IL_NO_PARENT_ACCESS:
346  $factory = new ilObjectFactory();
347  $obj = $factory->getInstanceByRefId($info['data']);
348  $text .= "<span class=\"".$alert."\">".$info['text']." (".$this->lng->txt("obj_".$obj->getType())." #".$obj->getId().": ".$obj->getTitle().")</span><br/> ";
349  break;
350 
351  default:
352  $text .= "<span class=\"".$alert."\">".$info['text']."</span><br/> ";
353  break;
354 
355  }
356  }
357  }
358 
359  $result_set[2][] = $text;
360 
361  return $result_set;
362  }
363 
368  function getAccessPermissionTableData()
369  {
370  global $ilAccess,$ilObjDataCache,$objDefinition;
371 
372  // get all possible operation of current object
373  $ops_list = ilRbacReview::_getOperationList($this->object->getType());
374 
375  $counter = 0;
376  $result_set = array();
377 
378  // check permissions of user
379  foreach ($ops_list as $ops)
380  {
381  $access = $ilAccess->doRBACCheck($ops['operation'],"info",$this->object->getRefId(),$this->user->getId(),$this->object->getType());
382 
383  $result_set[$counter]["img"] = $access ? self::IMG_OK : self::IMG_NOT_OK;
384 
385  if (substr($ops['operation'], 0, 7) == "create_" &&
386  $objDefinition->isPlugin(substr($ops['operation'], 7)))
387  {
388  $result_set[$counter]["operation"] = ilObjectPlugin::lookupTxtById(substr($ops['operation'],7),
389  'rbac_'.$ops['operation']);
390  }
391  else if ($objDefinition->isPlugin($this->object->getType()))
392  {
393  $result_set[$counter]["operation"] = ilObjectPlugin::lookupTxtById($this->object->getType(),
394  $this->object->getType()."_".$ops['operation']);
395  }
396  elseif(substr($ops['operation'],0,7) == 'create_')
397  {
398  $result_set[$counter]["operation"] = $this->lng->txt('rbac_'.$ops['operation']);
399  }
400  else
401  {
402  $result_set[$counter]["operation"] = $this->lng->txt($this->object->getType()."_".$ops['operation']);
403  }
404 
405  $list_role = [];
406 
407  // Check ownership
408  if($this->user->getId() == $ilObjDataCache->lookupOwner($this->object->getId()))
409  {
410  if(
411  (substr($ops['operation'],0,7) != 'create_') and
412  ($ops['operation'] != 'edit_permission') and
413  ($ops['operation'] != 'edit_leanring_progress')
414  )
415  {
416  $list_role[] = $this->lng->txt('info_owner_of_object');
417  }
418  }
419  // get operations on object for each assigned role to user
420  foreach ($this->getAssignedValidRoles() as $role)
421  {
422  if (in_array($ops['ops_id'],$role['ops']))
423  {
424  $list_role[] = $role['translation'];
425  }
426  }
427 
428  if (empty($list_role))
429  {
430  $list_role[] = $this->lng->txt('none');
431  }
432 
433 
434  $result_set[$counter]["role_ownership"] = $list_role;
435 
436  ++$counter;
437  }
438 
439  return $result_set;
440  }
441 
446  function getAvailableRolesTableData()
447  {
448  global $tree;
449 
450  include_once('./Services/AccessControl/classes/class.ilObjRole.php');
451 
452  $path = array_reverse($tree->getPathId($this->object->getRefId()));
453 
454  include_once ('./Services/AccessControl/classes/class.ilObjRole.php');
455  $counter = 0;
456 
457  foreach ($this->valid_roles as $role)
458  {
459  $result_set[$counter]["img"] = in_array($role['obj_id'],$this->user_roles) ? self::IMG_OK : self::IMG_NOT_OK;
460  $result_set[$counter]["role"] = str_replace(" ","&nbsp;",ilObjRole::_getTranslation($role["title"]));
461 
462  if ($role['role_type'] != "linked")
463  {
464  $result_set[$counter]["effective_from"] = "";
465  }
466  else
467  {
468  $rolfs = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"]);
469 
470  // ok, try to match the next rolf in path
471  foreach ($path as $node)
472  {
473  if ($node == 1)
474  {
475  break;
476  }
477 
478 
479  if (in_array($node,$rolfs))
480  {
481  $nodedata = $tree->getNodeData($node);
482  $result_set[$counter]["effective_from"] = $nodedata["title"];
483  $result_set[$counter]["effective_from_ref_id"] = $node;
484  break;
485  }
486  }
487  }
488 
489  if (in_array($role['obj_id'],$this->global_roles))
490  {
491  $result_set[$counter]["original_position"] = $this->lng->txt("global");
492  $result_set[$counter]["original_position_ref_id"] = false;
493  }
494  else
495  {
496  $rolf = $this->rbacreview->getFoldersAssignedToRole($role["obj_id"],true);
497  $parent_node = $tree->getNodeData($rolf[0]);
498  $result_set[$counter]["original_position"] = $parent_node["title"];
499  $result_set[$counter]["original_position_ref_id"] = $parent_node["ref_id"];
500  }
501 
502  ++$counter;
503  }
504 
505  return $result_set;
506  }
507 }
ilObjectPermissionStatusGUI\getAvailableRolesTableData
getAvailableRolesTableData()
Available Roles Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:446
ilObjectPermissionStatusGUI\getAccessStatusInfoData
getAccessStatusInfoData()
Access Status Info Data.
Definition: class.ilObjectPermissionStatusGUI.php:284
$path
$path
Definition: aliased.php:25
ilCtrl
This class provides processing control methods.
Definition: class.ilCtrl.php:11
ilTextInputGUI\setDataSource
setDataSource($href, $a_delimiter=null)
set datasource link for js autocomplete
Definition: class.ilTextInputGUI.php:346
ilCtrl\setReturn
setReturn($a_gui_obj, $a_cmd)
Set return command.
Definition: class.ilCtrl.php:1497
ilInfoScreenGUI
Class ilInfoScreenGUI.
Definition: class.ilInfoScreenGUI.php:18
ilObjectFactory
Class ilObjectFactory.
Definition: class.ilObjectFactory.php:20
ilObjectPlugin\lookupTxtById
static lookupTxtById($plugin_id, $lang_var)
Definition: class.ilObjectPlugin.php:74
$location
$location
Definition: buildRTE.php:44
ilAccessPermissionsStatusTableGUI
Table for Acces Permissons in Permission > Permission of User.
Definition: class.ilAccessPermissionsStatusTableGUI.php:13
$cmd
$cmd
Definition: sahs_server.php:35
ilRbacReview\_getOperationList
static _getOperationList($a_type=null)
get operation list by object type public static
Definition: class.ilRbacReview.php:1539
ilCtrl\getLinkTargetByClass
getLinkTargetByClass($a_class, $a_cmd="", $a_anchor="", $a_asynch=false, $xml_style=true)
Get link target for command using gui class name.
Definition: class.ilCtrl.php:1462
IL_NO_PARENT_ACCESS
const IL_NO_PARENT_ACCESS
Definition: class.ilAccessInfo.php:27
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:787
ilObjectPermissionStatusGUI\getAccessPermissionTableData
getAccessPermissionTableData()
Access Permissions Table Data.
Definition: class.ilObjectPermissionStatusGUI.php:368
user
user()
Definition: user.php:4
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4757
$counter
$counter
Definition: config-scanner.php:59
$a_type
$a_type
Definition: workflow.php:93
$info
$info
Definition: example_052.php:80
ilCtrl\getNextClass
getNextClass($a_gui_class=null)
Get next class in the control path from the current class to the target command class.
Definition: class.ilCtrl.php:858
ilObjectPermissionStatusGUI\accessStatusInfo
accessStatusInfo()
Access- and Statusinformation Info.
Definition: class.ilObjectPermissionStatusGUI.php:134
ilCtrl\getCmd
getCmd($a_default_cmd="", $a_safe_commands="")
Determines current get/post command.
Definition: class.ilCtrl.php:1037
ilCtrl\getFormAction
getFormAction($a_gui_obj, $a_fallback_cmd="", $a_anchor="", $a_asynch=false, $xml_style=true)
Get form action url for gui class object.
Definition: class.ilCtrl.php:1166
ilTemplate
special template class to simplify handling of ITX/PEAR
Definition: class.ilTemplate.php:13
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilObjectPermissionStatusGUI\accessPermissionsTable
accessPermissionsTable()
Access Permissions Table.
Definition: class.ilObjectPermissionStatusGUI.php:155
$ilUser
$ilUser
Definition: imgupload.php:18
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:508
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4771
object
Create new PHPExcel object
obj_idprivate
Definition: 01pharSimple.php:37
$text
$text
Definition: example_020.php:127
ilAvailableRolesStatusTableGUI
Table for Available Roles in Permission > Permission of User.
Definition: class.ilAvailableRolesStatusTableGUI.php:13
ilObjectPermissionStatusGUI
This class displays the permission status of a user concerning a specific object. ...
Definition: class.ilObjectPermissionStatusGUI.php:16
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
ilCtrl\forwardCommand
forwardCommand($a_gui_object)
Forward flow of control to next gui class this invokes the executeCommand() method of the gui object ...
Definition: class.ilCtrl.php:170
ilObjectPermissionStatusGUI\getAssignedValidRoles
getAssignedValidRoles()
get Assigned Valid Roles
Definition: class.ilObjectPermissionStatusGUI.php:187