ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
ilRbacAdmin Class Reference

Class ilRbacAdmin. Core functions for role based access control.


Public Member Functions

__construct ()
Constructor.

setBlockedStatus ($a_role_id, $a_ref_id, $a_blocked_status)
Set blocked status.

removeUser ($a_usr_id)
Deletes a user from rbac_ua; all user <-> role relations are deleted.

deleteRole ($a_rol_id, $a_ref_id)
Deletes a role and deletes entries in object_data, rbac_pa, rbac_templates, rbac_ua, rbac_fa.

deleteTemplate ($a_obj_id)
Deletes a template from role folder and deletes all entries in rbac_templates, rbac_fa.

deleteLocalRole ($a_rol_id, $a_ref_id=0)
Deletes a local role and entries in rbac_fa and rbac_templates.

assignUserLimited ($a_role_id, $a_usr_id, $a_limit, $a_limited_roles=array())
Assign user limited.

assignUser ($a_rol_id, $a_usr_id)
Assigns a user to a role.

deassignUser ($a_rol_id, $a_usr_id)
Deassigns a user from a role.

grantPermission ($a_rol_id, $a_ops, $a_ref_id)
Grants a permission to an object and a specific role.

revokePermission ($a_ref_id, $a_rol_id=0, $a_keep_protected=true)
Revokes permissions of an object of one role.

revokeSubtreePermissions ($a_ref_id, $a_role_id)
Revoke subtree permissions.

deleteSubtreeTemplates ($a_ref_id, $a_rol_id)
Delete all template permissions of subtree nodes.

revokePermissionList ($a_ref_ids, $a_rol_id)
Revokes permissions of a LIST of objects of ONE role.

copyRolePermissions ($a_source_id, $a_source_parent, $a_dest_parent, $a_dest_id, $a_consider_protected=true)
Copies template permissions and permissions of one role to another.

copyRoleTemplatePermissions ($a_source_id, $a_source_parent, $a_dest_parent, $a_dest_id, $a_consider_protected=true)
Copies template permissions of one role to another.

copyRolePermissionIntersection ($a_source1_id, $a_source1_parent, $a_source2_id, $a_source2_parent, $a_dest_parent, $a_dest_id)
Copies the intersection of the template permissions of two roles to a third role.

copyRolePermissionUnion ($a_source1_id, $a_source1_parent, $a_source2_id, $a_source2_parent, $a_dest_id, $a_dest_parent)
<type> $ilDB

copyRolePermissionSubtract ($a_source_id, $a_source_parent, $a_dest_id, $a_dest_parent)
Subtract role permissions.

deleteRolePermission ($a_rol_id, $a_ref_id, $a_type=false)
Deletes all entries of a template.

setRolePermission ($a_rol_id, $a_type, $a_ops, $a_ref_id)
Inserts template permissions in rbac_templates for a specific object type.

assignRoleToFolder ($a_rol_id, $a_parent, $a_assign="y")
Assigns a role to a role folder. A role folder is an object to store roles.

assignOperationToObject ($a_type_id, $a_ops_id)
Assign an existing operation to an object. Update of rbac_ta.

deassignOperationFromObject ($a_type_id, $a_ops_id)
Deassign an existing operation from an object. Update of rbac_ta.

setProtected ($a_ref_id, $a_role_id, $a_value)
Set protected $ilDB.

copyLocalRoles ($a_source_id, $a_target_id)
Copy local roles. This method creates a copy of all local roles.

initIntersectionPermissions ($a_ref_id, $a_role_id, $a_role_parent, $a_template_id, $a_template_parent)
Init intersection permissions.

adjustMovedObjectPermissions ($a_ref_id, $a_old_parent)
Adjust permissions of moved objects.

copyEffectiveRolePermissions ($a_source_ref_id, $target_ref_id, $a_subtree_id)
Copies all permissions from source to target for all roles.
 

Protected Member Functions

addDesktopItem ($a_rol_id, $a_usr_id)
Add desktop item.

applyMovedObjectDidacticTemplates ($a_ref_id, $a_old_parent)
Apply didactic templates after object movement.
 

Detailed Description

Class ilRbacAdmin Core functions for role based access control.

Creation and maintenance of relations. The main relations of RBAC are the user <-> role (UR) assignment relation and the permission <-> role (PR) assignment relation. This class contains methods to 'create' and 'delete' instances of the UR relation, e.g. assignUser() and deassignUser(). The required methods for the PR relation are grantPermission() and revokePermission().

Author
Stefan Meyer <meyer@leifos.com>
Version
$Id$

Definition at line 18 of file class.ilRbacAdmin.php.

Constructor & Destructor Documentation

◆ __construct()

ilRbacAdmin::__construct ( )

Constructor public.

Definition at line 24 of file class.ilRbacAdmin.php.

References $ilDB, $ilErr, array, and PEAR_ERROR_CALLBACK.

25  {
26  global $ilDB,$ilErr,$ilias;
27 
28  // set db & error handler
29  (isset($ilDB)) ? $this->ilDB =& $ilDB : $this->ilDB =& $ilias->db;
30 
31  if (!isset($ilErr))
32  {
33  $ilErr = new ilErrorHandling();
34  $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK,array($ilErr,'errorHandler'));
35  }
36  else
37  {
38  $this->ilErr =& $ilErr;
39  }
40  }

Member Function Documentation

◆ addDesktopItem()

ilRbacAdmin::addDesktopItem (   $a_rol_id,
  $a_usr_id 
)
protected

Add desktop item.

Parameters
type $a_rol_id
type $a_usr_id

Definition at line 252 of file class.ilRbacAdmin.php.

References ilObjUser\_addDesktopItem().

Referenced by assignUser(), and assignUserLimited().

253  {
254  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
255  $role_desk_item_obj = new ilRoleDesktopItem($a_rol_id);
256  foreach($role_desk_item_obj->getAll() as $item_data)
257  {
258  include_once './Services/User/classes/class.ilObjUser.php';
259  ilObjUser::_addDesktopItem($a_usr_id, $item_data['item_id'], $item_data['item_type']);
260  }
261  }

◆ adjustMovedObjectPermissions()

ilRbacAdmin::adjustMovedObjectPermissions (   $a_ref_id,
  $a_old_parent 
)

Adjust permissions of moved objects.

  • Delete permissions of parent roles that do not exist in new context
  • Delete role templates of parent roles that do not exist in new context
  • Add permissions for parent roles that did not exist in old context

public

Parameters
int ref id of moved object
int ref_id of old parent

Definition at line 1294 of file class.ilRbacAdmin.php.

References $ilLog, $log, ilRbacLog\add(), applyMovedObjectDidacticTemplates(), array, deleteLocalRole(), ilRbacLog\diffFaPa(), ilRbacLog\gatherFaPa(), grantPermission(), initIntersectionPermissions(), ilRbacLog\isActive(), ilObjCourse\lookupCourseNonMemberTemplatesId(), ilObjGroup\lookupGroupStatusTemplateId(), ilRbacLog\MOVE_OBJECT, and revokePermission().

1295  {
1296  global $rbacreview,$tree,$ilLog;
1297 
1298  $new_parent = $tree->getParentId($a_ref_id);
1299  $old_context_roles = $rbacreview->getParentRoleIds($a_old_parent,false);
1300  $new_context_roles = $rbacreview->getParentRoleIds($new_parent,false);
1301 
1302  $for_addition = $for_deletion = array();
1303  foreach($new_context_roles as $new_role_id => $new_role)
1304  {
1305  if(!isset($old_context_roles[$new_role_id]))
1306  {
1307  $for_addition[$new_role_id] = $new_role;
1308  }
1309  elseif($new_role['parent'] != $old_context_roles[$new_role_id]['parent'])
1310  {
1311  // handle stopped inheritance
1312  $for_deletion[$new_role_id] = $new_role;
1313  $for_addition[$new_role_id] = $new_role;
1314  }
1315  }
1316  foreach($old_context_roles as $old_role_id => $old_role)
1317  {
1318  if(!isset($new_context_roles[$old_role_id]))
1319  {
1320  $for_deletion[$old_role_id] = $old_role;
1321  }
1322  }
1323 
1324  if(!count($for_deletion) and !count($for_addition))
1325  {
1326  $this->applyMovedObjectDidacticTemplates($a_ref_id, $a_old_parent);
1327  return true;
1328  }
1329 
1330  include_once "Services/AccessControl/classes/class.ilRbacLog.php";
1331  $rbac_log_active = ilRbacLog::isActive();
1332  if($rbac_log_active)
1333  {
1334  $role_ids = array_unique(array_merge(array_keys($for_deletion), array_keys($for_addition)));
1335  }
1336 
1337  foreach($nodes = $tree->getSubTree($tree->getNodeData($a_ref_id),true) as $node_data)
1338  {
1339  $node_id = $node_data['child'];
1340 
1341  if($rbac_log_active)
1342  {
1343  $log_old = ilRbacLog::gatherFaPa($node_id, $role_ids);
1344  }
1345 
1346  // If $node_data['type'] is not set, this means there is a tree entry without
1347  // object_reference and/or object_data entry
1348  // Continue in this case
1349  if(!$node_data['type'])
1350  {
1351  $ilLog->write(__METHOD__.': No type give. Choosing next tree entry.');
1352  continue;
1353  }
1354 
1355  if(!$node_id)
1356  {
1357  $ilLog->write(__METHOD__.': Missing subtree node_id');
1358  continue;
1359  }
1360 
1361  foreach($for_deletion as $role_id => $role_data)
1362  {
1363  $this->deleteLocalRole($role_id,$node_id);
1364  $this->revokePermission($node_id,$role_id,false);
1365 //var_dump("<pre>",'REVOKE',$role_id,$node_id,$rolf_id,"</pre>");
1366  }
1367  foreach($for_addition as $role_id => $role_data)
1368  {
1369  switch($node_data['type'])
1370  {
1371  case 'grp':
1372  include_once './Modules/Group/classes/class.ilObjGroup.php';
1373  $tpl_id = ilObjGroup::lookupGroupStatusTemplateId($node_data['obj_id']);
1374  $this->initIntersectionPermissions(
1375  $node_data['child'],
1376  $role_id,
1377  $role_data['parent'],
1378  $tpl_id,
1379  ROLE_FOLDER_ID
1380  );
1381  break;
1382 
1383  case 'crs':
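1384  include_once './Modules/Course/classes/class.ilObjCourse.php';
1385  $tpl_id = ilObjCourse::lookupCourseNonMemberTemplatesId();
1386  $this->initIntersectionPermissions(
1387  $node_data['child'],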
1388  $role_id,
1389  $role_data['parent'],
1390  $tpl_id,
1391  ROLE_FOLDER_ID
1392  );
1393  break;
1394 
1395 
1396  default:
1397  $this->grantPermission(
1398  $role_id,
1399  $ops = $rbacreview->getOperationsOfRole($role_id,$node_data['type'],$role_data['parent']),
1400  $node_id);
1401  break;
1402 
1403 
1404  }
1405 
1406 
1407 //var_dump("<pre>",'GRANT',$role_id,$ops,$role_id,$node_data['type'],$role_data['parent'],"</pre>");
1408  }
1409 
1410  if($rbac_log_active)
1411  {
1412  $log_new = ilRbacLog::gatherFaPa($node_id, $role_ids);
1413  $log = ilRbacLog::diffFaPa($log_old, $log_new);
1414  ilRbacLog::add(ilRbacLog::MOVE_OBJECT, $node_id, $log);
1415  }
1416  }
1417 
1418  $this->applyMovedObjectDidacticTemplates($a_ref_id,$a_old_parent);
1419 
1420  }
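
The role comparison from the listing above, restated as a self-contained function and paired with a post-move check for grants that should have been revoked (the listing skips subtree nodes without a type or node id before it reaches the revoke loop). This is an added example, not ILIAS code: `diffContextRoles`, `findStaleGrants`, and all role ids and ref ids are hypothetical.

```php
<?php
declare(strict_types=1);

// Added illustration, not ILIAS code. Role maps use the shape the listing
// iterates over: rol_id => ['parent' => ref_id where the role is defined].

/** Same comparison as the listing, returned as two sets. */
function diffContextRoles(array $oldRoles, array $newRoles): array
{
    $forAddition = $forDeletion = [];
    foreach ($newRoles as $roleId => $role) {
        if (!isset($oldRoles[$roleId])) {
            // Role is only visible from the new parent: grant.
            $forAddition[$roleId] = $role;
        } elseif ($role['parent'] != $oldRoles[$roleId]['parent']) {
            // Same role id, defined at a different node (stopped inheritance):
            // revoke the old grants first, then grant from the new definition.
            $forDeletion[$roleId] = $role;
            $forAddition[$roleId] = $role;
        }
    }
    foreach ($oldRoles as $roleId => $role) {
        if (!isset($newRoles[$roleId])) {
            // Role is no longer visible from the new parent: revoke.
            $forDeletion[$roleId] = $role;
        }
    }
    return ['add' => $forAddition, 'delete' => $forDeletion];
}

/**
 * Hypothetical audit helper: grants on moved nodes held by roles that were
 * parent roles before the move and are not parent roles afterwards.
 * $grants is a list of [rol_id, ref_id] pairs, a constructed stand-in for
 * permission rows.
 */
function findStaleGrants(array $grants, array $subtreeRefIds, array $oldRoles, array $newRoles): array
{
    $stale = [];
    foreach ($grants as [$roleId, $refId]) {
        $onMovedNode = in_array($refId, $subtreeRefIds, true);
        $leftContext = isset($oldRoles[$roleId]) && !isset($newRoles[$roleId]);
        if ($onMovedNode && $leftContext) {
            $stale[] = [$roleId, $refId];
        }
    }
    return $stale;
}

// Constructed sample data: object 120 (with child 121) moves from under 70 to under 91.
$oldRoles = [4 => ['parent' => 8], 210 => ['parent' => 70], 305 => ['parent' => 70]];
$newRoles = [4 => ['parent' => 8], 305 => ['parent' => 91], 412 => ['parent' => 91]];

$diff = diffContextRoles($oldRoles, $newRoles);
echo 'grant:  ', implode(',', array_keys($diff['add'])), PHP_EOL;
echo 'revoke: ', implode(',', array_keys($diff['delete'])), PHP_EOL;

// Constructed post-move grants; role 210 still holds a row on node 121.
$grants = [[4, 120], [412, 120], [305, 120], [210, 121], [210, 50]];
foreach (findStaleGrants($grants, [120, 121], $oldRoles, $newRoles) as [$roleId, $refId]) {
    echo "stale: role $roleId still has permissions on ref_id $refId", PHP_EOL;
}
```

Local roles defined inside the moved subtree never appear in either parent-role map, so the check does not flag them.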

◆ applyMovedObjectDidacticTemplates()

ilRbacAdmin::applyMovedObjectDidacticTemplates (   $a_ref_id,
  $a_old_parent 
)
protected

Apply didactic templates after object movement.

Parameters
int $a_ref_id
int $a_old_parent
Deprecated:
since version 5.1.0; will be removed with 5.4 and implemented using event handler

Definition at line 1264 of file class.ilRbacAdmin.php.

References ilDidacticTemplateActionFactory\getActionsByTemplateId(), and ilDidacticTemplateObjSettings\lookupTemplateId().

Referenced by adjustMovedObjectPermissions().

1265  {
1266  include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateObjSettings.php';
1267  $tpl_id = ilDidacticTemplateObjSettings::lookupTemplateId($a_ref_id);
1268  if(!$tpl_id) {
1269  return;
1270  }
1271  include_once './Services/DidacticTemplate/classes/class.ilDidacticTemplateActionFactory.php';
1272  foreach(ilDidacticTemplateActionFactory::getActionsByTemplateId($tpl_id) as $action) {
1273  if($action instanceof ilDidacticTemplateLocalRoleAction) {
1274  continue;
1275  }
1276  $action->setRefId($a_ref_id);
1277  $action->apply();
1278  }
1279  return;
1280  }

◆ assignOperationToObject()

ilRbacAdmin::assignOperationToObject (   $a_type_id,
  $a_ops_id 
)

Assign an existing operation to an object. Update of rbac_ta.

public

Parameters
integer object type
integer operation_id
Returns
boolean

Definition at line 1068 of file class.ilRbacAdmin.php.

References $ilDB, $query, and $res.

1069  {
1070  global $ilDB;
1071 
1072  if (!isset($a_type_id) or !isset($a_ops_id))
1073  {
1074  $message = get_class($this)."::assignOperationToObject(): Missing parameter!".
1075  "type_id: ".$a_type_id.
1076  "ops_id: ".$a_ops_id;
1077  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1078  }
1079 
1080  $query = "INSERT INTO rbac_ta (typ_id, ops_id) ".
1081  "VALUES(".$ilDB->quote($a_type_id,'integer').",".$ilDB->quote($a_ops_id,'integer').")";
1082  $res = $ilDB->manipulate($query);
1083  return true;
1084  }

◆ assignRoleToFolder()

ilRbacAdmin::assignRoleToFolder (   $a_rol_id,
  $a_parent,
  $a_assign = "y" 
)

Assigns a role to a role folder. A role folder is an object to store roles.

Every role is assigned to at least one role folder. If the inheritance of a role is stopped, a new role template will be created, and the role is assigned to at least two role folders. All roles with stopped inheritance need the flag '$a_assign = false'.

public

Parameters
integer object id of role
integer ref_id of role folder
string assignable ('y','n'); default: 'y'
Returns
boolean

Definition at line 1013 of file class.ilRbacAdmin.php.

References $ilDB, $query, $res, and ilLoggerFactory\getLogger().

Referenced by copyLocalRoles(), and initIntersectionPermissions().

1014  {
1015  global $ilDB,$rbacreview;
1016 
1017  if (!isset($a_rol_id) or !isset($a_parent))
1018  {
1019  $message = get_class($this)."::assignRoleToFolder(): Missing Parameter!".
1020  " role_id: ".$a_rol_id.
1021  " parent_id: ".$a_parent.
1022  " assign: ".$a_assign;
1023  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1024  }
1025 
1026  // exclude system role from rbac
1027  if ($a_rol_id == SYSTEM_ROLE_ID)
1028  {
1029  return true;
1030  }
1031 
1032  // if a wrong value is passed, always set assign to "n"
1033  if ($a_assign != "y")
1034  {
1035  $a_assign = "n";
1036  }
1037 
1038  // check if already assigned
1039  $query = 'SELECT rol_id FROM rbac_fa '.
1040  'WHERE rol_id = '.$ilDB->quote($a_rol_id,'integer'). ' '.
1041  'AND parent = '. $ilDB->quote($a_parent,'integer');
1042  $res = $ilDB->query($query);
1043  if($res->numRows())
1044  {
1045  ilLoggerFactory::getLogger('ac')->info('Role already assigned to object');
1046  return false;
1047  }
1048 
1049  $query = sprintf('INSERT INTO rbac_fa (rol_id, parent, assign, protected) '.
1050  'VALUES (%s,%s,%s,%s)',
1051  $ilDB->quote($a_rol_id,'integer'),
1052  $ilDB->quote($a_parent,'integer'),
1053  $ilDB->quote($a_assign,'text'),
1054  $ilDB->quote('n','text'));
1055  $res = $ilDB->manipulate($query);
1056 
1057  return true;
1058  }

◆ assignUser()

ilRbacAdmin::assignUser (   $a_rol_id,
  $a_usr_id 
)

Assigns a user to a role.

Update of table rbac_ua. TODO: remove deprecated 3rd parameter sometime.

public

Parameters
integer object_id of role
integer object_id of user
boolean true means default role (optional)
Returns
boolean

Definition at line 273 of file class.ilRbacAdmin.php.

References $GLOBALS, $ilDB, $query, $ref_id, $res, ilLDAPRoleGroupMapping\_getInstance(), ilObject\_lookupObjId(), ilObject\_lookupType(), addDesktopItem(), array, and ilLoggerFactory\getInstance().

274  {
275  global $ilDB,$rbacreview;
276 
277  if (!isset($a_rol_id) or !isset($a_usr_id))
278  {
279  $message = get_class($this)."::assignUser(): Missing parameter! role_id: ".$a_rol_id." usr_id: ".$a_usr_id;
280  #$this->ilErr->raiseError($message,$this->ilErr->WARNING);
281  }
282 
283  // check if already assigned user id and role_id
284  $alreadyAssigned = $rbacreview->isAssigned($a_usr_id,$a_rol_id);
285 
286  // enhanced: only if we haven't had this role for this user
287  if (!$alreadyAssigned)
288  {
289  $query = "INSERT INTO rbac_ua (usr_id, rol_id) ".
290  "VALUES (".$ilDB->quote($a_usr_id,'integer').",".$ilDB->quote($a_rol_id,'integer').")";
291  $res = $ilDB->manipulate($query);
292 
293  $this->addDesktopItem($a_rol_id, $a_usr_id);
294 
295  $rbacreview->setAssignedCacheEntry($a_rol_id,$a_usr_id,true);
296  }
297 
298  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
299  $mapping = ilLDAPRoleGroupMapping::_getInstance();
300  $mapping->assign($a_rol_id,$a_usr_id);
301 
302 
303  $ref_id = $GLOBALS['rbacreview']->getObjectReferenceOfRole($a_rol_id);
304  $obj_id = ilObject::_lookupObjId($ref_id);
305  $type = ilObject::_lookupType($obj_id);
306 
307  if(!$alreadyAssigned)
308  {
309  ilLoggerFactory::getInstance()->getLogger('ac')->debug('Raise event assign user');
310  $GLOBALS['ilAppEventHandler']->raise(
311  'Services/AccessControl',
312  'assignUser',
313  array(
314  'obj_id' => $obj_id,
315  'usr_id' => $a_usr_id,
316  'role_id' => $a_rol_id,
317  'type' => $type
318  )
319  );
320  }
321  return TRUE;
322  }

◆ assignUserLimited()

ilRbacAdmin::assignUserLimited (   $a_role_id,
  $a_usr_id,
  $a_limit,
  $a_limited_roles = array() 
)

Assign user limited.

Parameters
type $a_role_id
type $a_usr_id
type $a_limit

Definition at line 202 of file class.ilRbacAdmin.php.

References $GLOBALS, $ilDB, $query, $res, $ret, $row, ilLDAPRoleGroupMapping\_getInstance(), addDesktopItem(), array, ilDBConstants\FETCHMODE_OBJECT, ilDBInterface\manipulate(), ilDBInterface\query(), and ilDBInterface\quote().

203  {
204  global $ilDB;
205 
206  $ilAtomQuery = $ilDB->buildAtomQuery();
207  $ilAtomQuery->addTableLock('rbac_ua');
208 
209  $ilAtomQuery->addQueryCallable(
210  function(ilDBInterface $ilDB) use(&$ret, $a_role_id, $a_usr_id,$a_limit, $a_limited_roles)
211  {
212  $ret = true;
213  $limit_query = 'SELECT COUNT(*) num FROM rbac_ua '.
214  'WHERE '.$ilDB->in('rol_id',(array) $a_limited_roles,FALSE,'integer');
215  $res = $ilDB->query($limit_query);
216  $row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
217  if($row->num >= $a_limit)
218  {
219  $ret = false;
220  return;
221  }
222 
223  $query = "INSERT INTO rbac_ua (usr_id, rol_id) ".
224  "VALUES (".
225  $ilDB->quote($a_usr_id,'integer').",".$ilDB->quote($a_role_id,'integer').
226  ")";
227  $res = $ilDB->manipulate($query);
228  });
229 
230  $ilAtomQuery->run();
231 
232  if(!$ret)
233  {
234  return false;
235  }
236 
237  $GLOBALS['rbacreview']->setAssignedCacheEntry($a_role_id,$a_usr_id,TRUE);
238 
239  $this->addDesktopItem($a_role_id,$a_usr_id);
240 
241  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
242  $mapping = ilLDAPRoleGroupMapping::_getInstance();
243  $mapping->assign($a_role_id,$a_usr_id);
244  return TRUE;
245  }

◆ copyEffectiveRolePermissions()

ilRbacAdmin::copyEffectiveRolePermissions (   $a_source_ref_id,
  $target_ref_id,
  $a_subtree_id 
)

Copies all permissions from source to target for all roles.

Parameters
type $a_source_ref_id
type $target_ref_id
type $a_subtree_id

Definition at line 1429 of file class.ilRbacAdmin.php.

References $GLOBALS.

1430  {
1431  global $rbacreview;
1432 
1433  $parent_roles = $rbacreview->getParentRoleIds($a_source_ref_id, FALSE);
1434  $GLOBALS['ilLog']->write(__METHOD__.': '. print_r($parent_roles,TRUE));
1435 
1436 
1437 
1438  }

◆ copyLocalRoles()

ilRbacAdmin::copyLocalRoles (   $a_source_id,
  $a_target_id 
)

Copy local roles. This method creates a copy of all local roles.

Note: auto generated roles are excluded

public

Parameters
int source id of object (not role folder)
int target id of object

Definition at line 1145 of file class.ilRbacAdmin.php.

References $ilLog, $orig, $title, array, assignRoleToFolder(), and copyRolePermissions().

1146  {
1147  global $rbacreview,$ilLog,$ilObjDataCache;
1148 
1149  $real_local = array();
1150  foreach($rbacreview->getRolesOfRoleFolder($a_source_id,false) as $role_data)
1151  {
1152  $title = $ilObjDataCache->lookupTitle($role_data);
1153  if(substr($title,0,3) == 'il_')
1154  {
1155  continue;
1156  }
1157  $real_local[] = $role_data;
1158  }
1159  if(!count($real_local))
1160  {
1161  return true;
1162  }
1163  // Create role folder
1164  foreach($real_local as $role)
1165  {
1166  include_once ("./Services/AccessControl/classes/class.ilObjRole.php");
1167  $orig = new ilObjRole($role);
1168  $orig->read();
1169 
1170  $ilLog->write(__METHOD__.': Start copying of role '.$orig->getTitle());
1171  $roleObj = new ilObjRole();
1172  $roleObj->setTitle($orig->getTitle());
1173  $roleObj->setDescription($orig->getDescription());
1174  $roleObj->setImportId($orig->getImportId());
1175  $roleObj->create();
1176 
1177  $this->assignRoleToFolder($roleObj->getId(),$a_target_id,"y");
1178  $this->copyRolePermissions($role,$a_source_id,$a_target_id,$roleObj->getId(),true);
1179  $ilLog->write(__METHOD__.': Added new local role, id '.$roleObj->getId());
1180  }
1181 
1182  }

◆ copyRolePermissionIntersection()

ilRbacAdmin::copyRolePermissionIntersection (   $a_source1_id,
  $a_source1_parent,
  $a_source2_id,
  $a_source2_parent,
  $a_dest_parent,
  $a_dest_id 
)

Copies the intersection of the template permissions of two roles to a third role.

public

Parameters
integer $a_source1_id role_id source
integer $a_source1_parent parent_id source
integer $a_source2_id role_id source
integer $a_source2_parent parent_id source
integer $a_dest_id role_id destination
integer $a_dest_parent parent_id destination
Returns
boolean

Definition at line 728 of file class.ilRbacAdmin.php.

References $GLOBALS, $ilDB, $query, $res, $row, array, ilDBConstants\FETCHMODE_OBJECT, and ilLoggerFactory\getLogger().

Referenced by initIntersectionPermissions().

729  {
730  global $rbacreview,$ilDB;
731 
732  if (!isset($a_source1_id) or !isset($a_source1_parent)
733  or !isset($a_source2_id) or !isset($a_source2_parent)
734  or !isset($a_dest_id) or !isset($a_dest_parent))
735  {
736  $message = get_class($this)."::copyRolePermissionIntersection(): Missing parameter! source1_id: ".$a_source1_id.
737  " source1_parent: ".$a_source1_parent.
738  " source2_id: ".$a_source2_id.
739  " source2_parent: ".$a_source2_parent.
740  " dest_id: ".$a_dest_id.
741  " dest_parent_id: ".$a_dest_parent;
742  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
743  }
744 
745  // exclude system role from rbac
746  if ($a_dest_id == SYSTEM_ROLE_ID)
747  {
748  ilLoggerFactory::getLogger('ac')->debug('Ignoring system role.');
749  return true;
750  }
751 
752  if ($rbacreview->isProtected($a_source2_parent,$a_source2_id))
753  {
754  $GLOBALS['ilLog']->write(__METHOD__.': Role is protected');
755  return true;
756  }
757 
758  $query = "SELECT s1.type, s1.ops_id ".
759  "FROM rbac_templates s1, rbac_templates s2 ".
760  "WHERE s1.rol_id = ".$ilDB->quote($a_source1_id,'integer')." ".
761  "AND s1.parent = ".$ilDB->quote($a_source1_parent,'integer')." ".
762  "AND s2.rol_id = ".$ilDB->quote($a_source2_id,'integer')." ".
763  "AND s2.parent = ".$ilDB->quote($a_source2_parent,'integer')." ".
764  "AND s1.type = s2.type ".
765  "AND s1.ops_id = s2.ops_id";
766 
767  ilLoggerFactory::getLogger('ac')->dump($query);
768 
769  $res = $ilDB->query($query);
770  $operations = array();
771  $rowNum = 0;
772  while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
773  {
774  $operations[$rowNum]['type'] = $row->type;
775  $operations[$rowNum]['ops_id'] = $row->ops_id;
776 
777  $rowNum++;
778  }
779 
780  // Delete template permissions of target
781  $query = 'DELETE FROM rbac_templates WHERE rol_id = '.$ilDB->quote($a_dest_id,'integer').' '.
782  'AND parent = '.$ilDB->quote($a_dest_parent,'integer');
783  $res = $ilDB->manipulate($query);
784 
785  $query = 'INSERT INTO rbac_templates (rol_id,type,ops_id,parent) '.
786  'VALUES (?,?,?,?)';
787  $sta = $ilDB->prepareManip($query,array('integer','text','integer','integer'));
788  foreach($operations as $key => $set)
789  {
790  $ilDB->execute($sta,array(
791  $a_dest_id,
792  $set['type'],
793  $set['ops_id'],
794  $a_dest_parent));
795  }
796  return true;
797  }

◆ copyRolePermissions()

ilRbacAdmin::copyRolePermissions (   $a_source_id,
  $a_source_parent,
  $a_dest_parent,
  $a_dest_id,
  $a_consider_protected = true 
)

Copies template permissions and permissions of one role to another.

public

Parameters
integer $a_source_id role_id source
integer $a_source_parent parent_id source
integer $a_dest_parent parent_id destination
integer $a_dest_id role_id destination
Returns
boolean

Definition at line 631 of file class.ilRbacAdmin.php.

References copyRoleTemplatePermissions(), grantPermission(), and revokePermission().

Referenced by copyLocalRoles().

632  {
633  global $tree,$rbacreview;
634 
635  // Copy template permissions
636  $this->copyRoleTemplatePermissions($a_source_id,$a_source_parent,$a_dest_parent,$a_dest_id,$a_consider_protected);
637 
638  $ops = $rbacreview->getRoleOperationsOnObject($a_source_id,$a_source_parent);
639 
640  $this->revokePermission($a_dest_parent,$a_dest_id);
641  $this->grantPermission($a_dest_id,$ops,$a_dest_parent);
642  return true;
643  }

◆ copyRolePermissionSubtract()

ilRbacAdmin::copyRolePermissionSubtract (   $a_source_id,
  $a_source_parent,
  $a_dest_id,
  $a_dest_parent 
)

Subtract role permissions.

Parameters
type $a_source_id
type $a_source_parent
type $a_dest_id
type $a_dest_parent

Definition at line 875 of file class.ilRbacAdmin.php.

References $ilDB, and $query.

876  {
877  global $rbacreview, $ilDB;
878 
879  $s1_ops = $rbacreview->getAllOperationsOfRole($a_source_id,$a_source_parent);
880  $d_ops = $rbacreview->getAllOperationsOfRole($a_dest_id,$a_dest_parent);
881 
882  foreach($s1_ops as $type => $ops)
883  {
884  foreach($ops as $op)
885  {
886  if(isset($d_ops[$type]) and in_array($op, $d_ops[$type]))
887  {
888  $query = 'DELETE FROM rbac_templates '.
889  'WHERE rol_id = '.$ilDB->quote($a_dest_id,'integer').' '.
890  'AND type = '.$ilDB->quote($type,'text').' '.
891  'AND ops_id = '.$ilDB->quote($op,'integer').' '.
892  'AND parent = '.$ilDB->quote($a_dest_parent,'integer');
893  $ilDB->manipulate($query);
894  }
895  }
896  }
897  return true;
898  }

◆ copyRolePermissionUnion()

ilRbacAdmin::copyRolePermissionUnion (   $a_source1_id,
  $a_source1_parent,
  $a_source2_id,
  $a_source2_parent,
  $a_dest_id,
  $a_dest_parent 
)

<type> $ilDB

Parameters
<type> $a_source1_id
<type> $a_source1_parent
<type> $a_source2_id
<type> $a_source2_parent
<type> $a_dest_id
<type> $a_dest_parent
Returns
<type>

Definition at line 810 of file class.ilRbacAdmin.php.

References $GLOBALS, $ilDB, $query, and deleteRolePermission().

817  {
818  global $ilDB, $rbacreview;
819 
820 
821  $s1_ops = $rbacreview->getAllOperationsOfRole($a_source1_id,$a_source1_parent);
822  $s2_ops = $rbacreview->getAlloperationsOfRole($a_source2_id,$a_source2_parent);
823 
824  $this->deleteRolePermission($a_dest_id, $a_dest_parent);
825 
826  $GLOBALS['ilLog']->write(__METHOD__.': '.print_r($s1_ops,TRUE));
827  $GLOBALS['ilLog']->write(__METHOD__.': '.print_r($s2_ops,TRUE));
828 
829  foreach($s1_ops as $type => $ops)
830  {
831  foreach($ops as $op)
832  {
833  // insert all permission of source 1
834  // #15469
835  $query = 'INSERT INTO rbac_templates (rol_id,type,ops_id,parent) '.
836  'VALUES( '.
837  $ilDB->quote($a_dest_id,'integer').', '.
838  $ilDB->quote($type,'text').', '.
839  $ilDB->quote($op,'integer').', '.
840  $ilDB->quote($a_dest_parent,'integer').' '.
841  ')';
842  $ilDB->manipulate($query);
843  }
844  }
845 
846  // and the other direction...
847  foreach($s2_ops as $type => $ops)
848  {
849  foreach($ops as $op)
850  {
851  if(!isset($s1_ops[$type]) or !in_array($op, $s1_ops[$type]))
852  {
853  $query = 'INSERT INTO rbac_templates (rol_id,type,ops_id,parent) '.
854  'VALUES( '.
855  $ilDB->quote($a_dest_id,'integer').', '.
856  $ilDB->quote($type,'text').', '.
857  $ilDB->quote($op,'integer').', '.
858  $ilDB->quote($a_dest_parent,'integer').' '.
859  ')';
860  $ilDB->manipulate($query);
861  }
862  }
863  }
864 
865  return true;
866  }

◆ copyRoleTemplatePermissions()

ilRbacAdmin::copyRoleTemplatePermissions (   $a_source_id,
  $a_source_parent,
  $a_dest_parent,
  $a_dest_id,
  $a_consider_protected = true 
)

Copies template permissions of one role to another.

It's also possible to copy template permissions from/to RoleTemplateObject.

public

Parameters
integer $a_source_id role_id source
integer $a_source_parent parent_id source
integer $a_dest_parent parent_id destination
integer $a_dest_id role_id destination
Returns
boolean

Definition at line 655 of file class.ilRbacAdmin.php.

References $ilDB, $query, $res, $row, array, and setProtected().

Referenced by copyRolePermissions().

656  {
657  global $rbacreview,$ilDB;
658 
659  if (!isset($a_source_id) or !isset($a_source_parent) or !isset($a_dest_id) or !isset($a_dest_parent))
660  {
661  $message = __METHOD__.": Missing parameter! source_id: ".$a_source_id.
662  " source_parent_id: ".$a_source_parent.
663  " dest_id : ".$a_dest_id.
664  " dest_parent_id: ".$a_dest_parent;
665  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
666  }
667 
668  // exclude system role from rbac
669  if ($a_dest_id == SYSTEM_ROLE_ID)
670  {
671  return true;
672  }
673 
674  // Read operations
675  $query = 'SELECT * FROM rbac_templates '.
676  'WHERE rol_id = '.$ilDB->quote($a_source_id,'integer').' '.
677  'AND parent = '.$ilDB->quote($a_source_parent,'integer');
678  $res = $ilDB->query($query);
679  $operations = array();
680  $rownum = 0;
681  while ($row = $ilDB->fetchObject($res))
682  {
683  $operations[$rownum]['type'] = $row->type;
684  $operations[$rownum]['ops_id'] = $row->ops_id;
685  $rownum++;
686  }
687 
688  // Delete target permissions
689  $query = 'DELETE FROM rbac_templates WHERE rol_id = '.$ilDB->quote($a_dest_id,'integer').' '.
690  'AND parent = '.$ilDB->quote($a_dest_parent,'integer');
691  $res = $ilDB->manipulate($query);
692 
693  foreach($operations as $row => $op)
694  {
695  $query = 'INSERT INTO rbac_templates (rol_id,type,ops_id,parent) '.
696  'VALUES ('.
697  $ilDB->quote($a_dest_id,'integer').",".
698  $ilDB->quote($op['type'],'text').",".
699  $ilDB->quote($op['ops_id'],'integer').",".
700  $ilDB->quote($a_dest_parent,'integer').")";
701  $ilDB->manipulate($query);
702  }
703 
704  // copy also protection status if applicable
705  if ($a_consider_protected == true)
706  {
707  if ($rbacreview->isProtected($a_source_parent,$a_source_id))
708  {
709  $this->setProtected($a_dest_parent,$a_dest_id,'y');
710  }
711  }
712 
713  return true;
714  }

◆ deassignOperationFromObject()

ilRbacAdmin::deassignOperationFromObject (   $a_type_id,
  $a_ops_id 
)

Deassigns an existing operation from an object. Updates table rbac_ta. Access: public.

Parameters
integer object type
integer operation_id
Returns
boolean

Definition at line 1094 of file class.ilRbacAdmin.php.

References $ilDB, $query, and $res.

1095  {
1096  global $ilDB;
1097 
1098  if (!isset($a_type_id) or !isset($a_ops_id))
1099  {
1100  $message = get_class($this)."::deassignPermissionFromObject(): Missing parameter!".
1101  "type_id: ".$a_type_id.
1102  "ops_id: ".$a_ops_id;
1103  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
1104  }
1105 
1106  $query = "DELETE FROM rbac_ta ".
1107  "WHERE typ_id = ".$ilDB->quote($a_type_id,'integer')." ".
1108  "AND ops_id = ".$ilDB->quote($a_ops_id,'integer');
1109  $res = $ilDB->manipulate($query);
1110 
1111  return true;
1112  }

◆ deassignUser()

ilRbacAdmin::deassignUser (   $a_rol_id,
  $a_usr_id 
)

Deassigns a user from a role.

Updates table rbac_ua. Access: public.

Parameters
integer object id of role
integer object id of user
Returns
boolean true on success

Definition at line 331 of file class.ilRbacAdmin.php.

References $GLOBALS, $ilDB, $query, $ref_id, $res, ilLDAPRoleGroupMapping\_getInstance(), ilObject\_lookupObjId(), ilObject\_lookupType(), array, and ilLoggerFactory\getInstance().

332  {
333  global $ilDB, $rbacreview;
334 
335  if (!isset($a_rol_id) or !isset($a_usr_id))
336  {
337  $message = get_class($this)."::deassignUser(): Missing parameter! role_id: ".$a_rol_id." usr_id: ".$a_usr_id;
338  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
339  }
340 
341  $query = "DELETE FROM rbac_ua ".
342  "WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer')." ".
343  "AND rol_id = ".$ilDB->quote($a_rol_id,'integer')." ";
344  $res = $ilDB->manipulate($query);
345 
346  $rbacreview->setAssignedCacheEntry($a_rol_id,$a_usr_id,false);
347 
348  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
349  $mapping = ilLDAPRoleGroupMapping::_getInstance();
350  $mapping->deassign($a_rol_id,$a_usr_id);
351 
352  $ref_id = $GLOBALS['rbacreview']->getObjectReferenceOfRole($a_rol_id);
353  $obj_id = ilObject::_lookupObjId($ref_id);
354  $type = ilObject::_lookupType($obj_id);
355 
356  ilLoggerFactory::getInstance()->getLogger('ac')->debug('Raise event deassign user');
357  $GLOBALS['ilAppEventHandler']->raise(
358  'Services/AccessControl',
359  'deassignUser',
360  array(
361  'obj_id' => $obj_id,
362  'usr_id' => $a_usr_id,
363  'role_id' => $a_rol_id,
364  'type' => $type
365  )
366  );
367  return TRUE;
368  }

◆ deleteLocalRole()

ilRbacAdmin::deleteLocalRole (   $a_rol_id,
  $a_ref_id = 0 
)

Deletes a local role and its entries in rbac_fa and rbac_templates. Access: public.

Parameters
integer object_id of role
integer ref_id of role folder (optional)
Returns
boolean true on success

Definition at line 163 of file class.ilRbacAdmin.php.

References $ilDB, $query, and $res.

Referenced by adjustMovedObjectPermissions(), and deleteRole().

164  {
165  global $ilDB;
166 
167  if (!isset($a_rol_id))
168  {
169  $message = get_class($this)."::deleteLocalRole(): Missing parameter! role_id: '".$a_rol_id."'";
170  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
171  }
172 
173  // exclude system role from rbac
174  if ($a_rol_id == SYSTEM_ROLE_ID)
175  {
176  return true;
177  }
178 
179  if ($a_ref_id != 0)
180  {
181  $clause = 'AND parent = '.$ilDB->quote($a_ref_id,'integer').' ';
182  }
183 
184  $query = 'DELETE FROM rbac_fa '.
185  'WHERE rol_id = '.$ilDB->quote($a_rol_id,'integer').' '.
186  $clause;
187  $res = $ilDB->manipulate($query);
188 
189  $query = 'DELETE FROM rbac_templates '.
190  'WHERE rol_id = '.$ilDB->quote($a_rol_id,'integer').' '.
191  $clause;
192  $res = $ilDB->manipulate($query);
193  return true;
194  }

◆ deleteRole()

ilRbacAdmin::deleteRole (   $a_rol_id,
  $a_ref_id 
)

Deletes a role and its entries in object_data, rbac_pa, rbac_templates, rbac_ua and rbac_fa. Access: public.

Parameters
integer obj_id of role (role_id)
integer ref_id of role folder (ref_id)
Returns
boolean true on success

Definition at line 89 of file class.ilRbacAdmin.php.

References $ilDB, $lng, $query, $res, ilLDAPRoleGroupMapping\_getInstance(), and deleteLocalRole().

90  {
91  global $lng,$ilDB;
92 
93  if (!isset($a_rol_id) or !isset($a_ref_id))
94  {
95  $message = get_class($this)."::deleteRole(): Missing parameter! role_id: ".$a_rol_id." ref_id of role folder: ".$a_ref_id;
96  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
97  }
98 
99  // exclude system role from rbac
100  if ($a_rol_id == SYSTEM_ROLE_ID)
101  {
102  $this->ilErr->raiseError($lng->txt("msg_sysrole_not_deletable"),$this->ilErr->MESSAGE);
103  }
104 
105  include_once('Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
106  $mapping = ilLDAPRoleGroupMapping::_getInstance();
107  $mapping->deleteRole($a_rol_id);
108 
109 
110  // TODO: check assigned users before deletion
111  // This is done in ilObjRole. Should be better moved to this place?
112 
113  // delete user assignments
114  $query = "DELETE FROM rbac_ua ".
115  "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer');
116  $res = $ilDB->manipulate($query);
117 
118  // delete permission assignments
119  $query = "DELETE FROM rbac_pa ".
120  "WHERE rol_id = ".$ilDB->quote($a_rol_id,'integer')." ";
121  $res = $ilDB->manipulate($query);
122 
123  //delete rbac_templates and rbac_fa
124  $this->deleteLocalRole($a_rol_id);
125 
126  return true;
127  }

◆ deleteRolePermission()

ilRbacAdmin::deleteRolePermission (   $a_rol_id,
  $a_ref_id,
  $a_type = false 
)

Deletes all entries of a template.

If an object type is given as the third parameter, only the entries for that object type are deleted. Updates table rbac_templates. Access: public.

Parameters
integer object id of role
integer ref_id of role folder
string object type (optional)
Returns
boolean

Definition at line 911 of file class.ilRbacAdmin.php.

References $a_type, $ilDB, $query, and $res.

Referenced by copyRolePermissionUnion().

912  {
913  global $ilDB;
914 
915  if (!isset($a_rol_id) or !isset($a_ref_id))
916  {
917  $message = get_class($this)."::deleteRolePermission(): Missing parameter! role_id: ".$a_rol_id." ref_id: ".$a_ref_id;
918  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
919  }
920 
921  // exclude system role from rbac
922  if ($a_rol_id == SYSTEM_ROLE_ID)
923  {
924  return true;
925  }
926 
927  if ($a_type !== false)
928  {
929  $and_type = " AND type=".$ilDB->quote($a_type,'text')." ";
930  }
931 
932  $query = 'DELETE FROM rbac_templates '.
933  'WHERE rol_id = '.$ilDB->quote($a_rol_id,'integer').' '.
934  'AND parent = '.$ilDB->quote($a_ref_id,'integer').' '.
935  $and_type;
936 
937  $res = $ilDB->manipulate($query);
938 
939  return true;
940  }

◆ deleteSubtreeTemplates()

ilRbacAdmin::deleteSubtreeTemplates (   $a_ref_id,
  $a_rol_id 
)

Delete all template permissions of subtree nodes.

Parameters
object $a_ref_id
object $a_rol_id
Returns

Definition at line 563 of file class.ilRbacAdmin.php.

References $GLOBALS, $ilDB, $query, and array.

564  {
565  global $ilDB;
566 
567  $query = 'DELETE FROM rbac_templates '.
568  'WHERE parent IN ( '.
569  $GLOBALS['tree']->getSubTreeQuery($a_ref_id, array('child')).' ) '.
570  'AND rol_id = '.$ilDB->quote($a_rol_id,'integer');
571 
572  $ilDB->manipulate($query);
573 
574  $query = 'DELETE FROM rbac_fa '.
575  'WHERE parent IN ( '.
576  $GLOBALS['tree']->getSubTreeQuery($a_ref_id,array('child')).' ) '.
577  'AND rol_id = '.$ilDB->quote($a_rol_id,'integer');
578 
579  $ilDB->manipulate($query);
580 
581  return true;
582  }

◆ deleteTemplate()

ilRbacAdmin::deleteTemplate (   $a_obj_id)

Deletes a template from the role folder and deletes all of its entries in rbac_templates and rbac_fa. Access: public.

Parameters
integer object_id of role template
Returns
boolean

Definition at line 135 of file class.ilRbacAdmin.php.

References $ilDB, $query, and $res.

136  {
137  global $ilDB;
138 
139  if (!isset($a_obj_id))
140  {
141  $message = get_class($this)."::deleteTemplate(): No obj_id given!";
142  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
143  }
144 
145  $query = 'DELETE FROM rbac_templates '.
146  'WHERE rol_id = '.$ilDB->quote($a_obj_id,'integer');
147  $res = $ilDB->manipulate($query);
148 
149  $query = 'DELETE FROM rbac_fa '.
150  'WHERE rol_id = '.$ilDB->quote($a_obj_id,'integer');
151  $res = $ilDB->manipulate($query);
152 
153  return true;
154  }

◆ grantPermission()

ilRbacAdmin::grantPermission (   $a_rol_id,
  $a_ops,
  $a_ref_id 
)

Grants a permission to an object and a specific role.

Updates table rbac_pa. Access: public.

Parameters
integer object id of role
array array of operation ids
integer reference id of the object that is granted the permissions
Returns
boolean

Definition at line 378 of file class.ilRbacAdmin.php.

References $ilDB, $query, $res, and array.

Referenced by adjustMovedObjectPermissions(), copyRolePermissions(), and initIntersectionPermissions().

379  {
380  global $ilDB;
381 
382  if (!isset($a_rol_id) or !isset($a_ops) or !isset($a_ref_id))
383  {
384  $this->ilErr->raiseError(get_class($this)."::grantPermission(): Missing parameter! ".
385  "role_id: ".$a_rol_id." ref_id: ".$a_ref_id." operations: ",$this->ilErr->WARNING);
386  }
387 
388  if (!is_array($a_ops))
389  {
390  $this->ilErr->raiseError(get_class($this)."::grantPermission(): Wrong datatype for operations!",
391  $this->ilErr->WARNING);
392  }
393 
394  /*
395  if (count($a_ops) == 0)
396  {
397  return false;
398  }
399  */
400  // exclude system role from rbac
401  if ($a_rol_id == SYSTEM_ROLE_ID)
402  {
403  return true;
404  }
405 
406  // convert all values to integer
407  foreach ($a_ops as $key => $operation)
408  {
409  $a_ops[$key] = (int) $operation;
410  }
411 
412  // Serialize the ops_id array
413  $ops_ids = serialize($a_ops);
414 
415  $query = 'DELETE FROM rbac_pa '.
416  'WHERE rol_id = %s '.
417  'AND ref_id = %s';
418  $res = $ilDB->queryF($query,array('integer','integer'),
419  array($a_rol_id,$a_ref_id));
420 
421  if(!count($a_ops))
422  {
423  return false;
424  }
425 
426  $query = "INSERT INTO rbac_pa (rol_id,ops_id,ref_id) ".
427  "VALUES ".
428  "(".$ilDB->quote($a_rol_id,'integer').",".$ilDB->quote($ops_ids,'text').",".$ilDB->quote($a_ref_id,'integer').")";
429  $res = $ilDB->manipulate($query);
430 
431  return true;
432  }
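
The write pattern of grantPermission() above, as an added example that is not ILIAS code: the same delete-then-insert on rbac_pa, done with PDO prepared statements on an in-memory SQLite table, plus a read path that unserializes ops_id without allowing object instantiation. The function names, the transaction and the table definition are assumptions of this example.

```php
<?php
// Added example, not ILIAS code. Schema and ids are constructed for illustration.

function grant_permission(PDO $db, int $rol_id, array $ops, int $ref_id): bool
{
    // Same normalisation as the listing: every operation id becomes an integer.
    $ops = array_values(array_map('intval', $ops));

    // Assumption of this example: both statements run in one transaction, so a
    // failed INSERT cannot leave the role without its previous row.
    $db->beginTransaction();
    try {
        $del = $db->prepare('DELETE FROM rbac_pa WHERE rol_id = ? AND ref_id = ?');
        $del->execute([$rol_id, $ref_id]);

        if (count($ops) === 0) {
            // As in the listing: an empty list removes the row and returns false.
            $db->commit();
            return false;
        }

        $ins = $db->prepare('INSERT INTO rbac_pa (rol_id, ops_id, ref_id) VALUES (?, ?, ?)');
        $ins->execute([$rol_id, serialize($ops), $ref_id]);
        $db->commit();
        return true;
    } catch (Throwable $e) {
        $db->rollBack();
        throw $e;
    }
}

function read_ops(PDO $db, int $rol_id, int $ref_id): array
{
    $sel = $db->prepare('SELECT ops_id FROM rbac_pa WHERE rol_id = ? AND ref_id = ?');
    $sel->execute([$rol_id, $ref_id]);
    $raw = $sel->fetchColumn();
    if ($raw === false) {
        return [];
    }
    // ops_id holds PHP-serialized data: refuse to instantiate objects on read
    // and accept nothing but an array of integers.
    $ops = unserialize($raw, ['allowed_classes' => false]);
    return is_array($ops) ? array_map('intval', $ops) : [];
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE rbac_pa (rol_id INTEGER, ops_id TEXT, ref_id INTEGER)');

// Constructed ids: role 5, object reference 70, a mix of string and integer ops.
var_dump(grant_permission($db, 5, ['2', 3, '4abc'], 70));
print_r(read_ops($db, 5, 70));

// An empty operation list clears the row for this role and object.
var_dump(grant_permission($db, 5, [], 70));
print_r(read_ops($db, 5, 70));
```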

◆ initIntersectionPermissions()

ilRbacAdmin::initIntersectionPermissions (   $a_ref_id,
  $a_role_id,
  $a_role_parent,
  $a_template_id,
  $a_template_parent 
)

Init intersection permissions.

Uses the global $rbacreview.

Parameters
type $a_ref_id
type $a_role_id
type $a_role_parent
type $a_template_id
type $a_template_parent
Returns
type

Definition at line 1194 of file class.ilRbacAdmin.php.

References ilObject\_lookupType(), array, assignRoleToFolder(), copyRolePermissionIntersection(), ilLoggerFactory\getLogger(), grantPermission(), and revokePermission().

Referenced by adjustMovedObjectPermissions().

1195  {
1196  global $rbacreview;
1197 
1198  if($rbacreview->isProtected($a_role_parent, $a_role_id))
1199  {
1200  // Assign object permissions
1201  $new_ops = $rbacreview->getOperationsOfRole(
1202  $a_role_id,
1203  ilObject::_lookupType($a_ref_id, true),
1204  $a_role_parent
1205  );
1206 
1207  // set new permissions for object
1208  $this->grantPermission(
1209  $a_role_id,
1210  (array) $new_ops,
1211  $a_ref_id
1212  );
1213  return;
1214  }
1215  if(!$a_template_id)
1216  {
1217  ilLoggerFactory::getLogger('ac')->info('No template id given. Aborting.');
1218  return;
1219  }
1220  // create template permission intersection
1221  $this->copyRolePermissionIntersection(
1222  $a_template_id,
1223  $a_template_parent,
1224  $a_role_id,
1225  $a_role_parent,
1226  $a_ref_id,
1227  $a_role_id
1228  );
1229 
1230  // assign role to folder
1231  $this->assignRoleToFolder(
1232  $a_role_id,
1233  $a_ref_id,
1234  'n'
1235  );
1236 
1237  // Assign object permissions
1238  $new_ops = $rbacreview->getOperationsOfRole(
1239  $a_role_id,
1240  ilObject::_lookupType($a_ref_id, true),
1241  $a_ref_id
1242  );
1243 
1244  // revoke existing permissions
1245  $this->revokePermission($a_ref_id, $a_role_id);
1246 
1247  // set new permissions for object
1248  $this->grantPermission(
1249  $a_role_id,
1250  (array) $new_ops,
1251  $a_ref_id
1252  );
1253 
1254  return;
1255  }

◆ removeUser()

ilRbacAdmin::removeUser (   $a_usr_id)

Deletes a user from rbac_ua; all user <-> role relations are deleted. Access: public.

Parameters
integer user_id
Returns
boolean true on success

Definition at line 66 of file class.ilRbacAdmin.php.

References $ilDB, $query, and $res.

67  {
68  global $ilDB;
69 
70  if (!isset($a_usr_id))
71  {
72  $message = get_class($this)."::removeUser(): No usr_id given!";
73  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
74  }
75 
76  $query = "DELETE FROM rbac_ua WHERE usr_id = ".$ilDB->quote($a_usr_id,'integer');
77  $res = $ilDB->manipulate($query);
78 
79  return true;
80  }

◆ revokePermission()

ilRbacAdmin::revokePermission (   $a_ref_id,
  $a_rol_id = 0,
  $a_keep_protected = true 
)

Revokes permissions of an object of one role.

Updates table rbac_pa. Revokes all permissions of all roles for that object (with this reference). When a role_id is given, this applies only to that role. Access: public.

Parameters
integer reference id of object where permissions should be revoked
integer role_id (optional: if you want to revoke permissions of object only for a specific role)
Returns
boolean

Definition at line 443 of file class.ilRbacAdmin.php.

References $ilDB, $ilLog, $log, $query, $res, and array.

Referenced by adjustMovedObjectPermissions(), copyRolePermissions(), and initIntersectionPermissions().

444  {
445  global $rbacreview,$log,$ilDB,$ilLog;
446 
447  if (!isset($a_ref_id))
448  {
449  $ilLog->logStack();
450  $message = get_class($this)."::revokePermission(): Missing parameter! ref_id: ".$a_ref_id;
451  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
452  }
453 #$log->write("ilRBACadmin::revokePermission(), 0");
454 
455  // bypass protected status of roles
456  if ($a_keep_protected != true)
457  {
458  // exclude system role from rbac
459  if ($a_rol_id == SYSTEM_ROLE_ID)
460  {
461  return true;
462  }
463 
464  if ($a_rol_id)
465  {
466  $and1 = " AND rol_id = ".$ilDB->quote($a_rol_id,'integer')." ";
467  }
468  else
469  {
470  $and1 = "";
471  }
472 
473  $query = "DELETE FROM rbac_pa ".
474  "WHERE ref_id = ".$ilDB->quote($a_ref_id,'integer').
475  $and1;
476 
477  $res = $ilDB->manipulate($query);
478 
479  return true;
480  }
481 
482  // consider protected status of roles
483 
484  // in any case, get all roles in scope first
485  $roles_in_scope = $rbacreview->getParentRoleIds($a_ref_id);
486 
487  if (!$a_rol_id)
488  {
489 #$log->write("ilRBACadmin::revokePermission(), 1");
490 
491  $role_ids = array();
492 
493  foreach ($roles_in_scope as $role)
494  {
495  if ($role['protected'] == true)
496  {
497  continue;
498  }
499 
500  $role_ids[] = $role['obj_id'];
501  }
502 
503  // return if no role in array
504  if (!$role_ids)
505  {
506  return true;
507  }
508 
509  $query = 'DELETE FROM rbac_pa '.
510  'WHERE '.$ilDB->in('rol_id',$role_ids,false,'integer').' '.
511  'AND ref_id = '.$ilDB->quote($a_ref_id,'integer');
512  $res = $ilDB->manipulate($query);
513  }
514  else
515  {
516 #$log->write("ilRBACadmin::revokePermission(), 2");
517  // exclude system role from rbac
518  if ($a_rol_id == SYSTEM_ROLE_ID)
519  {
520  return true;
521  }
522 
523  // exclude protected permission settings from revoking
524  if ($roles_in_scope[$a_rol_id]['protected'] == true)
525  {
526  return true;
527  }
528 
529  $query = "DELETE FROM rbac_pa ".
530  "WHERE ref_id = ".$ilDB->quote($a_ref_id,'integer')." ".
531  "AND rol_id = ".$ilDB->quote($a_rol_id,'integer')." ";
532  $res = $ilDB->manipulate($query);
533  }
534 
535  return true;
536  }
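
The branches of revokePermission() above, modelled on arrays as an added example that is not ILIAS code: it returns which rbac_pa rows remain for each combination of role id and $a_keep_protected. The function names, the sample ids and the SYSTEM_ROLE_ID value are assumptions of this example.

```php
<?php
// Added example, not ILIAS code. All ids below are constructed.
const SYSTEM_ROLE_ID = 2; // assumed value, for this example only

/**
 * Returns the rbac_pa rows that remain after a revokePermission()-style call.
 *
 * @param array $rbac_pa rows of ['rol_id' => int, 'ref_id' => int]
 * @param array $scope   role_id => ['obj_id' => int, 'protected' => bool], the
 *                       shape the listing reads from getParentRoleIds()
 */
function rows_after_revoke(array $rbac_pa, array $scope, $ref_id, $rol_id = 0, $keep_protected = true)
{
    // Every branch of the listing returns early for the system role.
    if ($rol_id == SYSTEM_ROLE_ID) {
        return $rbac_pa;
    }

    if (!$keep_protected) {
        // Bypass branch: protection is ignored; no role id means every role.
        $targets = $rol_id ? [$rol_id] : null;
    } elseif (!$rol_id) {
        // Only unprotected roles that are in scope of the object.
        $targets = [];
        foreach ($scope as $role) {
            if (!$role['protected']) {
                $targets[] = $role['obj_id'];
            }
        }
    } else {
        // A single protected role is left untouched.
        if (!empty($scope[$rol_id]['protected'])) {
            return $rbac_pa;
        }
        $targets = [$rol_id];
    }

    $keep = function (array $row) use ($ref_id, $targets) {
        if ($row['ref_id'] != $ref_id) {
            return true; // other objects are never affected
        }
        return $targets !== null && !in_array($row['rol_id'], $targets);
    };
    return array_values(array_filter($rbac_pa, $keep));
}

function surviving_roles(array $rows, $ref_id)
{
    $ids = [];
    foreach ($rows as $row) {
        if ($row['ref_id'] == $ref_id) {
            $ids[] = $row['rol_id'];
        }
    }
    sort($ids);
    return $ids;
}

// Constructed data: role 4 is unprotected, role 5 is protected, and role 9 holds
// a row on object 70 without being among the roles in scope.
$scope = [
    4 => ['obj_id' => 4, 'protected' => false],
    5 => ['obj_id' => 5, 'protected' => true],
];
$rbac_pa = [
    ['rol_id' => 4, 'ref_id' => 70],
    ['rol_id' => 5, 'ref_id' => 70],
    ['rol_id' => 9, 'ref_id' => 70],
    ['rol_id' => 4, 'ref_id' => 71],
];
$cases = [
    'all roles, keep protected' => [0, true],
    'role 5, keep protected'    => [5, true],
    'role 5, bypass protection' => [5, false],
    'all roles, bypass'         => [0, false],
];
foreach ($cases as $label => $args) {
    $left = rows_after_revoke($rbac_pa, $scope, 70, $args[0], $args[1]);
    echo $label, ': ', implode(',', surviving_roles($left, 70)), PHP_EOL;
}
```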

◆ revokePermissionList()

ilRbacAdmin::revokePermissionList (   $a_ref_ids,
  $a_rol_id 
)

Revokes permissions of a LIST of objects of ONE role.

Updates table rbac_pa. Access: public.

Parameters
array list of reference_ids to revoke permissions
integer role_id
Returns
boolean

Definition at line 591 of file class.ilRbacAdmin.php.

References $ilDB, $query, and $res.

592  {
593  global $ilDB;
594 
595  if (!isset($a_ref_ids) or !is_array($a_ref_ids))
596  {
597  $message = get_class($this)."::revokePermissionList(): Missing parameter or parameter is not an array! reference_list: ".var_dump($a_ref_ids);
598  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
599  }
600 
601  if (!isset($a_rol_id))
602  {
603  $message = get_class($this)."::revokePermissionList(): Missing parameter! rol_id: ".$a_rol_id;
604  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
605  }
606 
607  // exclude system role from rbac
608  if ($a_rol_id == SYSTEM_ROLE_ID)
609  {
610  return true;
611  }
612 
613  $query = "DELETE FROM rbac_pa ".
614  "WHERE ".$ilDB->in('ref_id',$a_ref_ids,false,'integer').' '.
615  "AND rol_id = ".$ilDB->quote($a_rol_id,'integer');
616  $res = $ilDB->manipulate($query);
617 
618  return true;
619  }

◆ revokeSubtreePermissions()

ilRbacAdmin::revokeSubtreePermissions (   $a_ref_id,
  $a_role_id 
)

Revoke subtree permissions.

Parameters
object $a_ref_id
object $a_role_id
Returns

Definition at line 544 of file class.ilRbacAdmin.php.

References $ilDB, $query, and array.

545  {
546  global $ilDB;
547 
548  $query = 'DELETE FROM rbac_pa '.
549  'WHERE ref_id IN '.
550  '( '.$GLOBALS['tree']->getSubTreeQuery($a_ref_id,array('child')).' ) '.
551  'AND rol_id = '.$ilDB->quote($a_role_id,'integer');
552 
553  $ilDB->manipulate($query);
554  return true;
555  }

◆ setBlockedStatus()

ilRbacAdmin::setBlockedStatus (   $a_role_id,
  $a_ref_id,
  $a_blocked_status 
)

Set blocked status.

Parameters
type $a_role_id
type $a_ref_id
type $a_blocked_status

Definition at line 48 of file class.ilRbacAdmin.php.

References $ilDB, $query, and ilLoggerFactory\getLogger().

49  {
50  global $ilDB;
51 
52  ilLoggerFactory::getLogger('crs')->logStack();
53  $query = 'UPDATE rbac_fa set blocked = '. $ilDB->quote($a_blocked_status,'integer').' '.
54  'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer').' '.
55  'AND parent = '.$ilDB->quote($a_ref_id,'integer');
56  $ilDB->manipulate($query);
57  }

◆ setProtected()

ilRbacAdmin::setProtected (   $a_ref_id,
  $a_role_id,
  $a_value 
)

Set protected. Uses the global $ilDB.

Parameters
type $a_ref_id
type $a_role_id
type $a_value y or n
Returns
boolean

Definition at line 1122 of file class.ilRbacAdmin.php.

References $ilDB, $query, and $res.

Referenced by copyRoleTemplatePermissions().

1123  {
1124  global $ilDB;
1125 
1126  // ref_id not used yet. protected permission acts 'global' for each role,
1127  // regardless of any broken inheritance before
1128  $query = 'UPDATE rbac_fa '.
1129  'SET protected = '.$ilDB->quote($a_value,'text').' '.
1130  'WHERE rol_id = '.$ilDB->quote($a_role_id,'integer');
1131  $res = $ilDB->manipulate($query);
1132  return true;
1133  }

◆ setRolePermission()

ilRbacAdmin::setRolePermission (   $a_rol_id,
  $a_type,
  $a_ops,
  $a_ref_id 
)

Inserts template permissions in rbac_templates for a specific object type.

Updates table rbac_templates. Access: public.

Parameters
integer role_id
string object type
array operation_ids
integer ref_id of role folder object
Returns
boolean

Definition at line 952 of file class.ilRbacAdmin.php.

References $a_type, and $ilDB.

953  {
954  global $ilDB;
955 
956  if (!isset($a_rol_id) or !isset($a_type) or !isset($a_ops) or !isset($a_ref_id))
957  {
958  $message = get_class($this)."::setRolePermission(): Missing parameter!".
959  " role_id: ".$a_rol_id.
960  " type: ".$a_type.
961  " operations: ".$a_ops.
962  " ref_id: ".$a_ref_id;
963  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
964  }
965 
966  if (!is_string($a_type) or empty($a_type))
967  {
968  $message = get_class($this)."::setRolePermission(): a_type is no string or empty!";
969  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
970  }
971 
972  if (!is_array($a_ops) or empty($a_ops))
973  {
974  $message = get_class($this)."::setRolePermission(): a_ops is no array or empty!";
975  $this->ilErr->raiseError($message,$this->ilErr->WARNING);
976  }
977 
978  // exclude system role from rbac
979  if ($a_rol_id == SYSTEM_ROLE_ID)
980  {
981  return true;
982  }
983 
984  foreach($a_ops as $op)
985  {
986  $ilDB->replace(
987  'rbac_templates',
988  [
989  'rol_id' => ['integer', $a_rol_id],
990  'type' => ['text', $a_type],
991  'ops_id' => ['integer', $op],
992  'parent' => ['integer', $a_ref_id]
993  ],
994  []
995  );
996  }
997  return true;
998  }

The documentation for this class was generated from the following file: