53                $query = 
'UPDATE rbac_fa set blocked = '. 
$ilDB->quote($a_blocked_status,
'integer').
' '.
 
   54                                'WHERE rol_id = '.$ilDB->quote($a_role_id,
'integer').
' '.
 
   55                                'AND parent = '.$ilDB->quote($a_ref_id,
'integer');
 
   70                if (!isset($a_usr_id))
 
   72                        $message = get_class($this).
"::removeUser(): No usr_id given!";
 
   73                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
   76                $query = 
"DELETE FROM rbac_ua WHERE usr_id = ".$ilDB->quote($a_usr_id,
'integer');
 
   93                if (!isset($a_rol_id) or !isset($a_ref_id))
 
   95                        $message = get_class($this).
"::deleteRole(): Missing parameter! role_id: ".$a_rol_id.
" ref_id of role folder: ".$a_ref_id;
 
   96                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
  100                if ($a_rol_id == SYSTEM_ROLE_ID)
 
  102                        $this->ilErr->raiseError(
$lng->txt(
"msg_sysrole_not_deletable"),$this->ilErr->MESSAGE);
 
  105                include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
 
  107                $mapping->deleteRole($a_rol_id); 
 
  114                $query = 
"DELETE FROM rbac_ua ".
 
  115                         "WHERE rol_id = ".$ilDB->quote($a_rol_id,
'integer');
 
  119                $query = 
"DELETE FROM rbac_pa ".
 
  120                         "WHERE rol_id = ".$ilDB->quote($a_rol_id,
'integer').
" ";
 
  139                if (!isset($a_obj_id))
 
  141                        $message = get_class($this).
"::deleteTemplate(): No obj_id given!";
 
  142                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
  145                $query = 
'DELETE FROM rbac_templates '.
 
  146                         'WHERE rol_id = '.$ilDB->quote($a_obj_id,
'integer');
 
  149                $query = 
'DELETE FROM rbac_fa '.
 
  150                        'WHERE rol_id = '.$ilDB->quote($a_obj_id,
'integer');
 
  167                if (!isset($a_rol_id))
 
  169                        $message = get_class($this).
"::deleteLocalRole(): Missing parameter! role_id: '".$a_rol_id.
"'";
 
  170                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
  174                if ($a_rol_id == SYSTEM_ROLE_ID)
 
  181                        $clause = 
'AND parent = '.$ilDB->quote($a_ref_id,
'integer').
' ';
 
  184                $query = 
'DELETE FROM rbac_fa '.
 
  185                         'WHERE rol_id = '.$ilDB->quote($a_rol_id,
'integer').
' '.
 
  189                $query = 
'DELETE FROM rbac_templates '.
 
  190                         'WHERE rol_id = '.$ilDB->quote($a_rol_id,
'integer').
' '.
 
  206                $ilAtomQuery = 
$ilDB->buildAtomQuery();
 
  207                $ilAtomQuery->addTableLock(
'rbac_ua');
 
  209                $ilAtomQuery->addQueryCallable(
 
  213                        $limit_query = 
'SELECT COUNT(*) num FROM rbac_ua '.
 
  214                                'WHERE '.$ilDB->in(
'rol_id',(array) $a_limited_roles,FALSE,
'integer');
 
  217                        if(
$row->num >= $a_limit)
 
  223                        $query = 
"INSERT INTO rbac_ua (usr_id, rol_id) ".
 
  225                                $ilDB->quote($a_usr_id,
'integer').
",".
$ilDB->quote($a_role_id,
'integer').
 
  237                $GLOBALS[
'rbacreview']->setAssignedCacheEntry($a_role_id,$a_usr_id,TRUE);
 
  241                include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
 
  243                $mapping->assign($a_role_id,$a_usr_id); 
 
  254                include_once 
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
 
  256                foreach($role_desk_item_obj->getAll() as $item_data)
 
  258                        include_once 
'./Services/User/classes/class.ilObjUser.php';
 
  275                global 
$ilDB,$rbacreview;
 
  277                if (!isset($a_rol_id) or !isset($a_usr_id))
 
  279                        $message = get_class($this).
"::assignUser(): Missing parameter! role_id: ".$a_rol_id.
" usr_id: ".$a_usr_id;
 
  280                        #$this->ilErr->raiseError($message,$this->ilErr->WARNING); 
  284                $alreadyAssigned = $rbacreview->isAssigned($a_usr_id,$a_rol_id);        
 
  287                if (!$alreadyAssigned) 
 
  289                        $query = 
"INSERT INTO rbac_ua (usr_id, rol_id) ".
 
  290                         "VALUES (".$ilDB->quote($a_usr_id,
'integer').
",".
$ilDB->quote($a_rol_id,
'integer').
")";
 
  295                        $rbacreview->setAssignedCacheEntry($a_rol_id,$a_usr_id,
true);
 
  298                include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
 
  300                $mapping->assign($a_rol_id,$a_usr_id); 
 
  307                if(!$alreadyAssigned)
 
  310                        $GLOBALS[
'ilAppEventHandler']->raise(
 
  311                                        'Services/AccessControl',
 
  315                                                'usr_id' => $a_usr_id,
 
  316                                                'role_id' => $a_rol_id,
 
  333                global 
$ilDB, $rbacreview;
 
  335                if (!isset($a_rol_id) or !isset($a_usr_id))
 
  337                        $message = get_class($this).
"::deassignUser(): Missing parameter! role_id: ".$a_rol_id.
" usr_id: ".$a_usr_id;
 
  338                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
  341                $query = 
"DELETE FROM rbac_ua ".
 
  342                         "WHERE usr_id = ".$ilDB->quote($a_usr_id,
'integer').
" ".
 
  343                         "AND rol_id = ".$ilDB->quote($a_rol_id,
'integer').
" ";
 
  346                $rbacreview->setAssignedCacheEntry($a_rol_id,$a_usr_id,
false);
 
  348                include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
 
  350                $mapping->deassign($a_rol_id,$a_usr_id); 
 
  357                $GLOBALS[
'ilAppEventHandler']->raise(
 
  358                                'Services/AccessControl',
 
  362                                        'usr_id' => $a_usr_id,
 
  363                                        'role_id' => $a_rol_id,
 
  382                if (!isset($a_rol_id) or !isset($a_ops) or !isset($a_ref_id))
 
  384                        $this->ilErr->raiseError(get_class($this).
"::grantPermission(): Missing parameter! ".
 
  385                                                        "role_id: ".$a_rol_id.
" ref_id: ".$a_ref_id.
" operations: ",$this->ilErr->WARNING);
 
  388                if (!is_array($a_ops))
 
  390                        $this->ilErr->raiseError(get_class($this).
"::grantPermission(): Wrong datatype for operations!",
 
  391                                                                         $this->ilErr->WARNING);
 
  401                if ($a_rol_id == SYSTEM_ROLE_ID)
 
  407                foreach ($a_ops as $key => $operation)
 
  409                        $a_ops[$key] = (int) $operation;
 
  413                $ops_ids = serialize($a_ops);
 
  415                $query = 
'DELETE FROM rbac_pa '.
 
  416                        'WHERE rol_id = %s '.
 
  419                        array($a_rol_id,$a_ref_id));
 
  426                $query = 
"INSERT INTO rbac_pa (rol_id,ops_id,ref_id) ".
 
  428                         "(".$ilDB->quote($a_rol_id,
'integer').
",".
$ilDB->quote($ops_ids,
'text').
",".
$ilDB->quote($a_ref_id,
'integer').
")";
 
  447                if (!isset($a_ref_id))
 
  450                        $message = get_class($this).
"::revokePermission(): Missing parameter! ref_id: ".$a_ref_id;
 
  451                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
  453#$log->write("ilRBACadmin::revokePermission(), 0");
 
  456                if ($a_keep_protected != 
true)
 
  459                        if ($a_rol_id == SYSTEM_ROLE_ID)
 
  466                                $and1 = 
" AND rol_id = ".$ilDB->quote($a_rol_id,
'integer').
" ";
 
  473                        $query = 
"DELETE FROM rbac_pa ".
 
  474                                 "WHERE ref_id = ".$ilDB->quote($a_ref_id,
'integer').
 
  485                $roles_in_scope = $rbacreview->getParentRoleIds($a_ref_id);
 
  489#$log->write("ilRBACadmin::revokePermission(), 1");
 
  493                        foreach ($roles_in_scope as $role)
 
  495                                if ($role[
'protected'] == 
true)
 
  500                                $role_ids[] = $role[
'obj_id'];
 
  509                        $query = 
'DELETE FROM rbac_pa '.
 
  510                                'WHERE '.$ilDB->in(
'rol_id',$role_ids,
false,
'integer').
' '.
 
  511                                'AND ref_id = '.$ilDB->quote($a_ref_id,
'integer');
 
  516#$log->write("ilRBACadmin::revokePermission(), 2");     
 
  518                        if ($a_rol_id == SYSTEM_ROLE_ID)
 
  524                        if ($roles_in_scope[$a_rol_id][
'protected'] == 
true)
 
  529                        $query = 
"DELETE FROM rbac_pa ".
 
  530                                 "WHERE ref_id = ".$ilDB->quote($a_ref_id,
'integer').
" ".
 
  531                                 "AND rol_id = ".$ilDB->quote($a_rol_id,
'integer').
" ";
 
  548                $query = 
'DELETE FROM rbac_pa '.
 
  550                                '( '.$GLOBALS[
'tree']->getSubTreeQuery($a_ref_id,array(
'child')).
' ) '.
 
  551                                'AND rol_id = '.$ilDB->quote($a_role_id,
'integer');
 
  567                $query = 
'DELETE FROM rbac_templates '.
 
  568                                'WHERE parent IN ( '.
 
  569                                $GLOBALS[
'tree']->getSubTreeQuery($a_ref_id, array(
'child')).
' ) '.
 
  570                                'AND rol_id = '.$ilDB->quote($a_rol_id,
'integer');
 
  574                $query = 
'DELETE FROM rbac_fa '.
 
  575                                'WHERE parent IN ( '.
 
  576                                $GLOBALS[
'tree']->getSubTreeQuery($a_ref_id,array(
'child')).
' ) '.
 
  577                                'AND rol_id = '.$ilDB->quote($a_rol_id,
'integer');
 
  595                if (!isset($a_ref_ids) or !is_array($a_ref_ids))
 
  597                        $message = get_class($this).
"::revokePermissionList(): Missing parameter or parameter is not an array! reference_list: ".var_dump($a_ref_ids);
 
  598                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
  601                if (!isset($a_rol_id))
 
  603                        $message = get_class($this).
"::revokePermissionList(): Missing parameter! rol_id: ".$a_rol_id;
 
  604                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
  608                if ($a_rol_id == SYSTEM_ROLE_ID)
 
  613                $query = 
"DELETE FROM rbac_pa ".
 
  614                         "WHERE ".$ilDB->in(
'ref_id',$a_ref_ids,
false,
'integer').
' '.
 
  615                         "AND rol_id = ".$ilDB->quote($a_rol_id,
'integer');
 
  631        public function copyRolePermissions($a_source_id,$a_source_parent,$a_dest_parent,$a_dest_id,$a_consider_protected = 
true)
 
  633                global $tree,$rbacreview;
 
  638                $ops = $rbacreview->getRoleOperationsOnObject($a_source_id,$a_source_parent);
 
  657                global $rbacreview,
$ilDB;
 
  659                if (!isset($a_source_id) or !isset($a_source_parent) or !isset($a_dest_id) or !isset($a_dest_parent))
 
  661                        $message = __METHOD__.
": Missing parameter! source_id: ".$a_source_id.
 
  662                                           " source_parent_id: ".$a_source_parent.
 
  663                                           " dest_id : ".$a_dest_id.
 
  664                                           " dest_parent_id: ".$a_dest_parent;
 
  665                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
  669                if ($a_dest_id == SYSTEM_ROLE_ID)
 
  675                $query = 
'SELECT * FROM rbac_templates '.
 
  676                         'WHERE rol_id = '.$ilDB->quote($a_source_id,
'integer').
' '.
 
  677                         'AND parent = '.$ilDB->quote($a_source_parent,
'integer');
 
  679                $operations = array();
 
  683                        $operations[$rownum][
'type'] = 
$row->type;
 
  684                        $operations[$rownum][
'ops_id'] = 
$row->ops_id;
 
  689                $query = 
'DELETE FROM rbac_templates WHERE rol_id = '.$ilDB->quote($a_dest_id,
'integer').
' '.
 
  690                        'AND parent = '.$ilDB->quote($a_dest_parent,
'integer');
 
  693                foreach($operations as 
$row => $op)
 
  695                        $query = 
'INSERT INTO rbac_templates (rol_id,type,ops_id,parent) '.
 
  697                                 $ilDB->quote($a_dest_id,
'integer').
",".
 
  698                                 $ilDB->quote($op[
'type'],
'text').
",".
 
  699                                 $ilDB->quote($op[
'ops_id'],
'integer').
",".
 
  700                                 $ilDB->quote($a_dest_parent,
'integer').
")";
 
  705                if ($a_consider_protected == 
true)
 
  707                        if ($rbacreview->isProtected($a_source_parent,$a_source_id))
 
  730                global $rbacreview,
$ilDB;
 
  732                if (!isset($a_source1_id) or !isset($a_source1_parent) 
 
  733                or !isset($a_source2_id) or !isset($a_source2_parent) 
 
  734                or !isset($a_dest_id) or !isset($a_dest_parent))
 
  736                        $message = get_class($this).
"::copyRolePermissionIntersection(): Missing parameter! source1_id: ".$a_source1_id.
 
  737                                           " source1_parent: ".$a_source1_parent.
 
  738                                           " source2_id: ".$a_source2_id.
 
  739                                           " source2_parent: ".$a_source2_parent.
 
  740                                           " dest_id: ".$a_dest_id.
 
  741                                           " dest_parent_id: ".$a_dest_parent;
 
  742                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
  746                if ($a_dest_id == SYSTEM_ROLE_ID)
 
  752                if ($rbacreview->isProtected($a_source2_parent,$a_source2_id))
 
  754                        $GLOBALS[
'ilLog']->write(__METHOD__.
': Role is protected');
 
  758                $query = 
"SELECT s1.type, s1.ops_id ".
 
  759                        "FROM rbac_templates s1, rbac_templates s2 ".
 
  760                        "WHERE s1.rol_id = ".$ilDB->quote($a_source1_id,
'integer').
" ".
 
  761                        "AND s1.parent = ".$ilDB->quote($a_source1_parent,
'integer').
" ".
 
  762                        "AND s2.rol_id = ".$ilDB->quote($a_source2_id,
'integer').
" ".
 
  763                        "AND s2.parent = ".$ilDB->quote($a_source2_parent,
'integer').
" ".
 
  764                        "AND s1.type = s2.type ".
 
  765                        "AND s1.ops_id = s2.ops_id";
 
  770                $operations = array();
 
  774                        $operations[$rowNum][
'type'] = 
$row->type;
 
  775                        $operations[$rowNum][
'ops_id'] = 
$row->ops_id;
 
  781                $query = 
'DELETE FROM rbac_templates WHERE rol_id = '.$ilDB->quote($a_dest_id,
'integer').
' '.
 
  782                        'AND parent = '.$ilDB->quote($a_dest_parent,
'integer');
 
  785                $query = 
'INSERT INTO rbac_templates (rol_id,type,ops_id,parent) '.
 
  787                $sta = 
$ilDB->prepareManip(
$query,array(
'integer',
'text',
'integer',
'integer'));
 
  788                foreach($operations as $key => $set)
 
  790                        $ilDB->execute($sta,array(
 
  818                global 
$ilDB, $rbacreview;
 
  821                $s1_ops = $rbacreview->getAllOperationsOfRole($a_source1_id,$a_source1_parent);
 
  822                $s2_ops = $rbacreview->getAlloperationsOfRole($a_source2_id,$a_source2_parent);
 
  826                $GLOBALS[
'ilLog']->write(__METHOD__.
': '.print_r($s1_ops,TRUE));
 
  827                $GLOBALS[
'ilLog']->write(__METHOD__.
': '.print_r($s2_ops,TRUE));
 
  829                foreach($s1_ops as $type => $ops)
 
  835                                $query = 
'INSERT INTO rbac_templates (rol_id,type,ops_id,parent) '.
 
  837                                        $ilDB->quote($a_dest_id,
'integer').
', '.
 
  838                                        $ilDB->quote($type,
'text').
', '.
 
  839                                        $ilDB->quote($op,
'integer').
', '.
 
  840                                        $ilDB->quote($a_dest_parent,
'integer').
' '.
 
  847                foreach($s2_ops as $type => $ops)
 
  851                                if(!isset($s1_ops[$type]) or !in_array($op, $s1_ops[$type]))
 
  853                                        $query = 
'INSERT INTO rbac_templates (rol_id,type,ops_id,parent) '.
 
  855                                                $ilDB->quote($a_dest_id,
'integer').
', '.
 
  856                                                $ilDB->quote($type,
'text').
', '.
 
  857                                                $ilDB->quote($op,
'integer').
', '.
 
  858                                                $ilDB->quote($a_dest_parent,
'integer').
' '.
 
  877                global $rbacreview, 
$ilDB;
 
  879                $s1_ops = $rbacreview->getAllOperationsOfRole($a_source_id,$a_source_parent);
 
  880                $d_ops = $rbacreview->getAllOperationsOfRole($a_dest_id,$a_dest_parent);
 
  882                foreach($s1_ops as $type => $ops)
 
  886                                if(isset($d_ops[$type]) and in_array($op, $d_ops[$type]))
 
  888                                        $query = 
'DELETE FROM rbac_templates '.
 
  889                                                        'WHERE rol_id = '.$ilDB->quote($a_dest_id,
'integer').
' '.
 
  890                                                        'AND type = '.$ilDB->quote($type,
'text').
' '.
 
  891                                                        'AND ops_id = '.$ilDB->quote($op,
'integer').
' '.
 
  892                                                        'AND parent = '.$ilDB->quote($a_dest_parent,
'integer');
 
  915                if (!isset($a_rol_id) or !isset($a_ref_id))
 
  917                        $message = get_class($this).
"::deleteRolePermission(): Missing parameter! role_id: ".$a_rol_id.
" ref_id: ".$a_ref_id;
 
  918                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
  922                if ($a_rol_id == SYSTEM_ROLE_ID)
 
  929                        $and_type = 
" AND type=".$ilDB->quote(
$a_type,
'text').
" ";
 
  932                $query = 
'DELETE FROM rbac_templates '.
 
  933                         'WHERE rol_id = '.$ilDB->quote($a_rol_id,
'integer').
' '.
 
  934                         'AND parent = '.$ilDB->quote($a_ref_id,
'integer').
' '.
 
  956                if (!isset($a_rol_id) or !isset(
$a_type) or !isset($a_ops) or !isset($a_ref_id))
 
  958                        $message = get_class($this).
"::setRolePermission(): Missing parameter!".
 
  959                                           " role_id: ".$a_rol_id.
 
  961                                           " operations: ".$a_ops.
 
  962                                           " ref_id: ".$a_ref_id;
 
  963                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
  968                        $message = get_class($this).
"::setRolePermission(): a_type is no string or empty!";
 
  969                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
  972                if (!is_array($a_ops) or empty($a_ops))
 
  974                        $message = get_class($this).
"::setRolePermission(): a_ops is no array or empty!";
 
  975                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
  979                if ($a_rol_id == SYSTEM_ROLE_ID)
 
  984                foreach($a_ops as $op)
 
  989                                        'rol_id'        => [
'integer', $a_rol_id],
 
  991                                        'ops_id'        => [
'integer', $op],
 
  992                                        'parent'        => [
'integer', $a_ref_id]
 
 1015                global 
$ilDB,$rbacreview;
 
 1017                if (!isset($a_rol_id) or !isset($a_parent))
 
 1019                        $message = get_class($this).
"::assignRoleToFolder(): Missing Parameter!".
 
 1020                                           " role_id: ".$a_rol_id.
 
 1021                                           " parent_id: ".$a_parent.
 
 1022                                           " assign: ".$a_assign;
 
 1023                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
 1027                if ($a_rol_id == SYSTEM_ROLE_ID)
 
 1033                if ($a_assign != 
"y")
 
 1039                $query = 
'SELECT rol_id FROM rbac_fa '.
 
 1040                        'WHERE rol_id = '.$ilDB->quote($a_rol_id,
'integer'). 
' '.
 
 1041                        'AND parent = '. 
$ilDB->quote($a_parent,
'integer');
 
 1049                $query = 
sprintf(
'INSERT INTO rbac_fa (rol_id, parent, assign, protected) '.
 
 1050                        'VALUES (%s,%s,%s,%s)',
 
 1051                        $ilDB->quote($a_rol_id,
'integer'),
 
 1052                        $ilDB->quote($a_parent,
'integer'),
 
 1053                        $ilDB->quote($a_assign,
'text'),
 
 1054                        $ilDB->quote(
'n',
'text'));
 
 1072                if (!isset($a_type_id) or !isset($a_ops_id))
 
 1074                        $message = get_class($this).
"::assignOperationToObject(): Missing parameter!".
 
 1075                                           "type_id: ".$a_type_id.
 
 1076                                           "ops_id: ".$a_ops_id;
 
 1077                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
 1080                $query = 
"INSERT INTO rbac_ta (typ_id, ops_id) ".
 
 1081                         "VALUES(".$ilDB->quote($a_type_id,
'integer').
",".
$ilDB->quote($a_ops_id,
'integer').
")";
 
 1098                if (!isset($a_type_id) or !isset($a_ops_id))
 
 1100                        $message = get_class($this).
"::deassignPermissionFromObject(): Missing parameter!".
 
 1101                                           "type_id: ".$a_type_id.
 
 1102                                           "ops_id: ".$a_ops_id;
 
 1103                        $this->ilErr->raiseError($message,$this->ilErr->WARNING);
 
 1106                $query = 
"DELETE FROM rbac_ta ".
 
 1107                         "WHERE typ_id = ".$ilDB->quote($a_type_id,
'integer').
" ".
 
 1108                         "AND ops_id = ".$ilDB->quote($a_ops_id,
'integer');
 
 1128                $query = 
'UPDATE rbac_fa '.
 
 1129                        'SET protected = '.$ilDB->quote($a_value,
'text').
' '.
 
 1130                        'WHERE rol_id = '.$ilDB->quote($a_role_id,
'integer');
 
 1147                global $rbacreview,
$ilLog,$ilObjDataCache;
 
 1149                $real_local = array();
 
 1150                foreach($rbacreview->getRolesOfRoleFolder($a_source_id,
false) as $role_data)
 
 1152                        $title = $ilObjDataCache->lookupTitle($role_data);
 
 1153                        if(substr(
$title,0,3) == 
'il_')
 
 1157                        $real_local[] = $role_data;
 
 1159                if(!count($real_local))
 
 1164                foreach($real_local as $role)
 
 1166                        include_once (
"./Services/AccessControl/classes/class.ilObjRole.php");
 
 1170                        $ilLog->write(__METHOD__.
': Start copying of role '.
$orig->getTitle());
 
 1172                        $roleObj->setTitle(
$orig->getTitle());
 
 1173                        $roleObj->setDescription(
$orig->getDescription());
 
 1174                        $roleObj->setImportId(
$orig->getImportId());
 
 1179                        $ilLog->write(__METHOD__.
': Added new local role, id '.$roleObj->getId());
 
 1198                if($rbacreview->isProtected($a_role_parent, $a_role_id))
 
 1201                        $new_ops = $rbacreview->getOperationsOfRole(
 
 1238                $new_ops = $rbacreview->getOperationsOfRole(
 
 1266                include_once 
'./Services/DidacticTemplate/classes/class.ilDidacticTemplateObjSettings.php';
 
 1271                include_once 
'./Services/DidacticTemplate/classes/class.ilDidacticTemplateActionFactory.php';
 
 1276                        $action->setRefId($a_ref_id);
 
 1296                global $rbacreview,$tree,
$ilLog;
 
 1298                $new_parent = $tree->getParentId($a_ref_id);
 
 1299                $old_context_roles = $rbacreview->getParentRoleIds($a_old_parent,
false);
 
 1300                $new_context_roles = $rbacreview->getParentRoleIds($new_parent,
false);
 
 1302                $for_addition = $for_deletion = array();
 
 1303                foreach($new_context_roles as $new_role_id => $new_role)
 
 1305                        if(!isset($old_context_roles[$new_role_id]))
 
 1307                                $for_addition[$new_role_id] = $new_role;
 
 1309                        elseif($new_role[
'parent'] != $old_context_roles[$new_role_id][
'parent'])
 
 1312                                $for_deletion[$new_role_id] = $new_role;
 
 1313                                $for_addition[$new_role_id] = $new_role;
 
 1316                foreach($old_context_roles as $old_role_id => $old_role)
 
 1318                        if(!isset($new_context_roles[$old_role_id]))
 
 1320                                $for_deletion[$old_role_id] = $old_role;
 
 1324                if(!count($for_deletion) and !count($for_addition))
 
 1330                include_once 
"Services/AccessControl/classes/class.ilRbacLog.php";
 
 1332                if($rbac_log_active)
 
 1334                        $role_ids = array_unique(array_merge(array_keys($for_deletion), array_keys($for_addition)));
 
 1337                foreach($nodes = $tree->getSubTree($tree->getNodeData($a_ref_id),
true) as $node_data)
 
 1339                        $node_id = $node_data[
'child'];
 
 1341                        if($rbac_log_active)
 
 1349                        if(!$node_data[
'type'])
 
 1351                                $ilLog->write(__METHOD__.
': No type give. Choosing next tree entry.');
 
 1357                                $ilLog->write(__METHOD__.
': Missing subtree node_id');
 
 1361                        foreach($for_deletion as $role_id => $role_data)
 
 1367                        foreach($for_addition as $role_id => $role_data)
 
 1369                                switch($node_data[
'type'])
 
 1372                                                include_once 
'./Modules/Group/classes/class.ilObjGroup.php';
 
 1375                                                        $node_data[
'child'],
 
 1377                                                        $role_data[
'parent'],
 
 1384                                                include_once 
'./Modules/Course/classes/class.ilObjCourse.php';
 
 1387                                                        $node_data[
'child'],
 
 1389                                                        $role_data[
'parent'],
 
 1399                                                        $ops = $rbacreview->getOperationsOfRole($role_id,$node_data[
'type'],$role_data[
'parent']),
 
 1410                        if($rbac_log_active)
 
 1433                $parent_roles = $rbacreview->getParentRoleIds($a_source_ref_id, FALSE);
 
 1434                $GLOBALS[
'ilLog']->write(__METHOD__.
': '. print_r($parent_roles,TRUE));
 
sprintf('%.4f', $callTime)
const PEAR_ERROR_CALLBACK
An exception for terminatinating execution or to throw for unit testing.
static getActionsByTemplateId($a_tpl_id)
Get actions of one template.
represents a creation of local roles action
static lookupTemplateId($a_ref_id)
Lookup template id @global ilDB $ilDB.
static _getInstance()
Get singleton instance of this class.
static getLogger($a_component_id)
Get component logger.
static lookupCourseNonMemberTemplatesId()
Lookup course non member id.
static lookupGroupStatusTemplateId($a_obj_id)
@global $ilDB $ilDB
static _addDesktopItem($a_usr_id, $a_item_id, $a_type, $a_par="")
add an item to user's personal desktop
static _lookupObjId($a_id)
static _lookupType($a_id, $a_reference=false)
lookup object type
Class ilRbacAdmin Core functions for role based access control.
setProtected($a_ref_id, $a_role_id, $a_value)
Set protected @global $ilDB.
revokePermission($a_ref_id, $a_rol_id=0, $a_keep_protected=true)
Revokes permissions of an object of one role.
deleteRole($a_rol_id, $a_ref_id)
Deletes a role and deletes entries in object_data, rbac_pa, rbac_templates, rbac_ua,...
deleteSubtreeTemplates($a_ref_id, $a_rol_id)
Delete all template permissions of subtree nodes.
__construct()
Constructor @access public.
copyRolePermissions($a_source_id, $a_source_parent, $a_dest_parent, $a_dest_id, $a_consider_protected=true)
Copies template permissions and permission of one role to another.
deassignOperationFromObject($a_type_id, $a_ops_id)
Deassign an existing operation from an object Update of rbac_ta @access public.
adjustMovedObjectPermissions($a_ref_id, $a_old_parent)
Adjust permissions of moved objects.
assignUser($a_rol_id, $a_usr_id)
Assigns an user to a role.
assignRoleToFolder($a_rol_id, $a_parent, $a_assign="y")
Assigns a role to an role folder A role folder is an object to store roles.
removeUser($a_usr_id)
deletes a user from rbac_ua all user <-> role relations are deleted @access public
assignUserLimited($a_role_id, $a_usr_id, $a_limit, $a_limited_roles=array())
Assign user limited.
deleteLocalRole($a_rol_id, $a_ref_id=0)
Deletes a local role and entries in rbac_fa and rbac_templates @access public.
copyLocalRoles($a_source_id, $a_target_id)
Copy local roles This method creates a copy of all local role.
revokePermissionList($a_ref_ids, $a_rol_id)
Revokes permissions of a LIST of objects of ONE role.
setRolePermission($a_rol_id, $a_type, $a_ops, $a_ref_id)
Inserts template permissions in rbac_templates for an specific object type.
initIntersectionPermissions($a_ref_id, $a_role_id, $a_role_parent, $a_template_id, $a_template_parent)
Init intersection permissions.
copyRoleTemplatePermissions($a_source_id, $a_source_parent, $a_dest_parent, $a_dest_id, $a_consider_protected=true)
Copies template permissions of one role to another.
applyMovedObjectDidacticTemplates($a_ref_id, $a_old_parent)
Apply didactic templates after object movement.
copyRolePermissionUnion( $a_source1_id, $a_source1_parent, $a_source2_id, $a_source2_parent, $a_dest_id, $a_dest_parent)
@global <type> $ilDB
deassignUser($a_rol_id, $a_usr_id)
Deassigns a user from a role.
copyEffectiveRolePermissions($a_source_ref_id, $target_ref_id, $a_subtree_id)
Copies all permission from source to target for all roles.
setBlockedStatus($a_role_id, $a_ref_id, $a_blocked_status)
Set blocked status.
revokeSubtreePermissions($a_ref_id, $a_role_id)
Revoke subtree permissions.
copyRolePermissionIntersection($a_source1_id, $a_source1_parent, $a_source2_id, $a_source2_parent, $a_dest_parent, $a_dest_id)
Copies the intersection of the template permissions of two roles to a third role.
assignOperationToObject($a_type_id, $a_ops_id)
Assign an existing operation to an object Update of rbac_ta.
deleteTemplate($a_obj_id)
Deletes a template from role folder and deletes all entries in rbac_templates, rbac_fa @access public...
grantPermission($a_rol_id, $a_ops, $a_ref_id)
Grants a permission to an object and a specific role.
deleteRolePermission($a_rol_id, $a_ref_id, $a_type=false)
Deletes all entries of a template.
addDesktopItem($a_rol_id, $a_usr_id)
Add desktop item.
copyRolePermissionSubtract($a_source_id, $a_source_parent, $a_dest_id, $a_dest_parent)
Subtract role permissions.
static diffFaPa(array $a_old, array $a_new)
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
static gatherFaPa($a_ref_id, array $a_role_ids, $a_add_action=false)
$GLOBALS['loaded']
Global hash that tracks already loaded includes.