ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilObjRoleGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 include_once "./Services/Object/classes/class.ilObjectGUI.php";
5 include_once './Services/AccessControl/classes/class.ilObjRole.php';
6 require_once('./Services/Repository/classes/class.ilObjectPlugin.php');
7 
20 class ilObjRoleGUI extends ilObjectGUI
21 {
22  const MODE_GLOBAL_UPDATE = 1;
23  const MODE_GLOBAL_CREATE = 2;
24  const MODE_LOCAL_UPDATE = 3;
25  const MODE_LOCAL_CREATE = 4;
26 
32  var $type;
33 
34 
35  protected $obj_ref_id = 0;
36  protected $obj_obj_id = 0;
37  protected $obj_obj_type = '';
38  protected $container_type = '';
39 
40 
41  var $ctrl;
42 
47  function __construct($a_data,$a_id,$a_call_by_reference = false,$a_prepare_output = true)
48  {
49  global $tree,$lng;
50 
51  $lng->loadLanguageModule('rbac');
52 
53  //TODO: move this to class.ilias.php
54  define("USER_FOLDER_ID",7);
55 
56  // Add ref_id of object that contains this role folder
57 
58  $this->obj_ref_id =
59  ((int) $_REQUEST['rolf_ref_id'] ?
60  (int) $_REQUEST['rolf_ref_id'] :
61  (int) $_REQUEST['ref_id']
62  );
63 
64  $this->obj_obj_id = ilObject::_lookupObjId($this->getParentRefId());
65  $this->obj_obj_type = ilObject::_lookupType($this->getParentObjId());
66 
67  $this->container_type = ilObject::_lookupType(ilObject::_lookupObjId($this->obj_ref_id));
68 
69  $this->type = "role";
70  parent::__construct($a_data,$a_id,$a_call_by_reference,false);
71  $this->ctrl->saveParameter($this, array('obj_id', 'rolf_ref_id'));
72  }
73 
74 
75  function executeCommand()
76  {
77  global $rbacsystem;
78 
79  $this->prepareOutput();
80 
81  $next_class = $this->ctrl->getNextClass($this);
82  $cmd = $this->ctrl->getCmd();
83 
84  $this->ensureRoleAccessForContext();
85 
86  switch($next_class)
87  {
88  case 'ilrepositorysearchgui':
89 
90  if(!$GLOBALS['ilAccess']->checkAccess('edit_permission','', $this->obj_ref_id))
91  {
92  $GLOBALS['ilErr']->raiseError($GLOBALS['lng']->txt('permission_denied'), $GLOBALS['ilErr']->WARNING);
93  }
94  include_once('./Services/Search/classes/class.ilRepositorySearchGUI.php');
95  $rep_search = new ilRepositorySearchGUI();
96  $rep_search->setTitle($this->lng->txt('role_add_user'));
97  $rep_search->setCallback($this,'addUserObject');
98 
99  // Set tabs
100  $this->tabs_gui->setTabActive('user_assignment');
101  $this->ctrl->setReturn($this,'userassignment');
102  $ret =& $this->ctrl->forwardCommand($rep_search);
103  break;
104 
105  case 'ilexportgui':
106 
107  $this->tabs_gui->setTabActive('export');
108 
109  include_once './Services/Export/classes/class.ilExportOptions.php';
110  $eo = ilExportOptions::newInstance(ilExportOptions::allocateExportId());
111  $eo->addOption(ilExportOptions::KEY_ROOT,0,$this->object->getId(),$this->obj_ref_id);
112 
113  include_once './Services/Export/classes/class.ilExportGUI.php';
114  $exp = new ilExportGUI($this, new ilObjRole($this->object->getId()));
115  $exp->addFormat('xml');
116  $this->ctrl->forwardCommand($exp);
117  break;
118 
119  default:
120  if(!$cmd)
121  {
122  if($this->showDefaultPermissionSettings())
123  {
124  $cmd = "perm";
125  }
126  else
127  {
128  $cmd = 'userassignment';
129  }
130  }
131  $cmd .= "Object";
132  $this->$cmd();
133 
134  break;
135  }
136 
137  return true;
138  }
139 
144  public function getParentRefId()
145  {
146  return $this->obj_ref_id;
147  }
148 
153  public function getParentObjId()
154  {
155  return $this->obj_obj_id;
156  }
157 
162  public function getParentType()
163  {
164  return $this->obj_obj_type;
165  }
166 
170  function setBackTarget($a_text, $a_link)
171  {
172  $this->back_target = array("text" => $a_text,
173  "link" => $a_link);
174  }
175 
176  public function getBackTarget()
177  {
178  return $this->back_target ? $this->back_target : array();
179  }
180 
184  function getAdminTabs()
185  {
186  $this->getTabs();
187  }
188 
193  protected function getContainerType()
194  {
195  return $this->container_type;
196  }
197 
202  protected function showDefaultPermissionSettings()
203  {
204  global $objDefinition;
205 
206  return $objDefinition->isContainer($this->getContainerType());
207  }
208 
209 
210  function listDesktopItemsObject()
211  {
212  global $rbacsystem,$rbacreview;
213 
214  if(!$rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id) &&
215  $this->obj_ref_id != ROLE_FOLDER_ID)
216  {
217  ilUtil::sendInfo($this->lng->txt('role_no_users_no_desk_items'));
218  return true;
219  }
220 
221  if($rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
222  {
223  $this->__showButton('selectDesktopItem',$this->lng->txt('role_desk_add'));
224  }
225 
226  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItemsTableGUI.php';
227  $tbl = new ilRoleDesktopItemsTableGUI($this, 'listDesktopItems', $this->object);
228  $this->tpl->setContent($tbl->getHTML());
229 
230  return true;
231  }
232 
233  function askDeleteDesktopItemObject()
234  {
235  global $rbacsystem;
236 
237 
238  if(!$this->checkAccess('edit_permission'))
239  {
240  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
241  }
242  if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
243  {
244  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
245  }
246  if(!count($_POST['del_desk_item']))
247  {
248  ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
249 
250  $this->listDesktopItemsObject();
251 
252  return true;
253  }
254 
255  include_once("./Services/Utilities/classes/class.ilConfirmationGUI.php");
256  $confirmation_gui = new ilConfirmationGUI();
257  $confirmation_gui->setFormAction($this->ctrl->getFormAction($this));
258  $confirmation_gui->setHeaderText($this->lng->txt('role_assigned_desk_items').
259  ' "'.$this->object->getTitle().'": '.
260  $this->lng->txt('role_sure_delete_desk_items'));
261  $confirmation_gui->setCancel($this->lng->txt("cancel"), "listDesktopItems");
262  $confirmation_gui->setConfirm($this->lng->txt("delete"), "deleteDesktopItems");
263 
264  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
265  $role_desk_item_obj = new ilRoleDesktopItem($this->object->getId());
266  $counter = 0;
267  foreach($_POST['del_desk_item'] as $role_item_id)
268  {
269  $item_data = $role_desk_item_obj->getItem($role_item_id);
270  $tmp_obj =& ilObjectFactory::getInstanceByRefId($item_data['item_id']);
271 
272  if(strlen($desc = $tmp_obj->getDescription()))
273  {
274  $desc = '<div class="il_Description_no_margin">'.$desc.'</div>';
275  }
276 
277  $confirmation_gui->addItem("del_desk_item[]", $role_item_id, $tmp_obj->getTitle().$desc);
278  }
279 
280  $this->tpl->setContent($confirmation_gui->getHTML());
281 
282  return true;
283  }
284 
285  function deleteDesktopItemsObject()
286  {
287  global $rbacsystem;
288 
289  if(!$this->checkAccess('edit_permission'))
290  {
291  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
292  }
293 
294  if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
295  {
296  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
297  }
298 
299  if (!count($_POST['del_desk_item']))
300  {
301  ilUtil::sendFailure($this->lng->txt('role_select_one_item'));
302 
303  $this->listDesktopItemsObject();
304 
305  return true;
306  }
307 
308  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
309 
310  $role_desk_item_obj = new ilRoleDesktopItem($this->object->getId());
311 
312  foreach ($_POST['del_desk_item'] as $role_item_id)
313  {
314  $role_desk_item_obj->delete($role_item_id);
315  }
316 
317  ilUtil::sendSuccess($this->lng->txt('role_deleted_desktop_items'));
318  $this->listDesktopItemsObject();
319 
320  return true;
321  }
322 
323 
324  function selectDesktopItemObject()
325  {
326  global $rbacsystem,$tree;
327 
328  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItemSelector.php';
329  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
330 
331  if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
332  {
333  #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
334  ilUtil::sendFailure($this->lng->txt('permission_denied'));
335  $this->listDesktopItemsObject();
336  return false;
337  }
338 
339  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_selector.html", "Services/AccessControl");
340  $this->__showButton('listDesktopItems',$this->lng->txt('back'));
341 
342  ilUtil::sendInfo($this->lng->txt("role_select_desktop_item"));
343 
344  $exp = new ilRoleDesktopItemSelector($this->ctrl->getLinkTarget($this,'selectDesktopItem'),
345  new ilRoleDesktopItem($this->object->getId()));
346  $exp->setExpand($_GET["role_desk_item_link_expand"] ? $_GET["role_desk_item_link_expand"] : $tree->readRootId());
347  $exp->setExpandTarget($this->ctrl->getLinkTarget($this,'selectDesktopItem'));
348 
349  $exp->setOutput(0);
350 
351  $output = $exp->getOutput();
352  $this->tpl->setVariable("EXPLORER",$output);
353  //$this->tpl->setVariable("EXPLORER", $exp->getOutput());
354 
355  return true;
356  }
357 
358  function assignDesktopItemObject()
359  {
360  global $rbacsystem;
361 
362  if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
363  {
364  $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
365  return false;
366  }
367 
368 
369  if (!isset($_GET['item_id']))
370  {
371  ilUtil::sendFailure($this->lng->txt('role_no_item_selected'));
372  $this->selectDesktopItemObject();
373 
374  return false;
375  }
376 
377  include_once 'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
378 
379  $role_desk_item_obj = new ilRoleDesktopItem($this->object->getId());
380  $role_desk_item_obj->add((int) $_GET['item_id'],ilObject::_lookupType((int) $_GET['item_id'],true));
381 
382  ilUtil::sendSuccess($this->lng->txt('role_assigned_desktop_item'));
383 
384  $this->ctrl->redirect($this,'listDesktopItems');
385  return true;
386  }
387 
393  protected function initFormRoleProperties($a_mode)
394  {
395  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
396  $this->form = new ilPropertyFormGUI();
397 
398  if($this->creation_mode)
399  {
400  $this->ctrl->setParameter($this, "new_type", 'role');
401  }
402  $this->form->setFormAction($this->ctrl->getFormAction($this));
403 
404  switch($a_mode)
405  {
406  case self::MODE_GLOBAL_CREATE:
407  $this->form->setTitle($this->lng->txt('role_new'));
408  $this->form->addCommandButton('save',$this->lng->txt('role_new'));
409  break;
410 
411  case self::MODE_GLOBAL_UPDATE:
412  $this->form->setTitle($this->lng->txt('role_edit'));
413  $this->form->addCommandButton('update', $this->lng->txt('save'));
414  break;
415 
416  case self::MODE_LOCAL_CREATE:
417  case self::MODE_LOCAL_UPDATE:
418  }
419  // Fix cancel
420  $this->form->addCommandButton('cancel', $this->lng->txt('cancel'));
421 
422  $title = new ilTextInputGUI($this->lng->txt('title'),'title');
423  if(ilObjRole::isAutoGenerated($this->object->getId()))
424  {
425  $title->setDisabled(true);
426  }
427  else
428  {
429  //#17111 No validation for disabled fields
430  $title->setValidationRegexp('/^(?!il_).*$/');
431  $title->setValidationFailureMessage($this->lng->txt('msg_role_reserved_prefix'));
432  }
433 
434  $title->setSize(40);
435  $title->setMaxLength(70);
436  $title->setRequired(true);
437  $this->form->addItem($title);
438 
439  $desc = new ilTextAreaInputGUI($this->lng->txt('description'),'desc');
440  if(ilObjRole::isAutoGenerated($this->object->getId()))
441  {
442  $desc->setDisabled(true);
443  }
444  $desc->setCols(40);
445  $desc->setRows(3);
446  $this->form->addItem($desc);
447 
448  if($a_mode != self::MODE_LOCAL_CREATE && $a_mode != self::MODE_GLOBAL_CREATE)
449  {
450  $ilias_id = new ilNonEditableValueGUI($this->lng->txt("ilias_id"), "ilias_id");
451  $this->form->addItem($ilias_id);
452  }
453 
454  if($this->obj_ref_id == ROLE_FOLDER_ID)
455  {
456  $reg = new ilCheckboxInputGUI($this->lng->txt('allow_register'),'reg');
457  $reg->setValue(1);
458  #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info'));
459  $this->form->addItem($reg);
460 
461  $la = new ilCheckboxInputGUI($this->lng->txt('allow_assign_users'),'la');
462  $la->setValue(1);
463  #$la->setInfo($this->lng->txt('rbac_local_admin_info'));
464  $this->form->addItem($la);
465  }
466 
467  $pro = new ilCheckboxInputGUI($this->lng->txt('role_protect_permissions'),'pro');
468  $pro->setValue(1);
469  #$pro->setInfo($this->lng->txt('role_protext_permission_info'));
470  $this->form->addItem($pro);
471 
472  include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
473  if(ilDiskQuotaActivationChecker::_isActive())
474  {
475  $quo = new ilNumberInputGUI($this->lng->txt('disk_quota'),'disk_quota');
476  $quo->setMinValue(0);
477  $quo->setSize(4);
478  $quo->setInfo($this->lng->txt('enter_in_mb_desc').'<br />'.$this->lng->txt('disk_quota_on_role_desc'));
479  $this->form->addItem($quo);
480  }
481  if(ilDiskQuotaActivationChecker::_isPersonalWorkspaceActive())
482  {
483  $this->lng->loadLanguageModule("file");
484  $wquo = new ilNumberInputGUI($this->lng->txt('personal_workspace_disk_quota'),'wsp_disk_quota');
485  $wquo->setMinValue(0);
486  $wquo->setSize(4);
487  $wquo->setInfo($this->lng->txt('enter_in_mb_desc').'<br />'.$this->lng->txt('disk_quota_on_role_desc'));
488  $this->form->addItem($wquo);
489  }
490 
491  return true;
492  }
493 
499  protected function loadRoleProperties(ilObjRole $role)
500  {
501  //Don't set if fields are disabled to prevent html manipulation.
502  if(!$this->form->getItemByPostVar('title')->getDisabled())
503  {
504  $role->setTitle($this->form->getInput('title'));
505 
506  }
507  if(!$this->form->getItemByPostVar('desc')->getDisabled())
508  {
509  $role->setDescription($this->form->getInput('desc'));
510  }
511  $role->setAllowRegister($this->form->getInput('reg'));
512  $role->toggleAssignUsersStatus($this->form->getInput('la'));
513  $role->setDiskQuota(ilUtil::MB2Bytes($this->form->getInput('disk_quota')));
514  $role->setPersonalWorkspaceDiskQuota(ilUtil::MB2Bytes($this->form->getInput('wsp_disk_quota')));
515  return true;
516  }
517 
523  protected function readRoleProperties(ilObjRole $role)
524  {
525  global $rbacreview;
526 
527  include_once 'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
528 
529  $data['title'] = $role->getTitle();
530  $data['desc'] = $role->getDescription();
531  $data['ilias_id'] = 'il_'.IL_INST_ID.'_'.ilObject::_lookupType($role->getId()).'_'.$role->getId();
532  $data['reg'] = $role->getAllowRegister();
533  $data['la'] = $role->getAssignUsersStatus();
534  if(ilDiskQuotaActivationChecker::_isActive())
535  {
536  $data['disk_quota'] = ilUtil::Bytes2MB($role->getDiskQuota());
537  }
538  if(ilDiskQuotaActivationChecker::_isPersonalWorkspaceActive())
539  {
540  $data['wsp_disk_quota'] = ilUtil::Bytes2MB($role->getPersonalWorkspaceDiskQuota());
541  }
542  $data['pro'] = $rbacreview->isProtected($this->obj_ref_id, $role->getId());
543 
544  $this->form->setValuesByArray($data);
545  }
546 
547 
548 
549 
555  public function createObject()
556  {
557  global $rbacsystem;
558 
559  if(!$rbacsystem->checkAccess('create_role',$this->obj_ref_id))
560  {
561  $ilErr->raiseError($this->lng->txt('permission_denied'),$ilErr->MESSAGE);
562  }
563 
564  $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
565  $this->tpl->setContent($this->form->getHTML());
566  }
567 
572  public function editObject()
573  {
574  global $rbacsystem, $rbacreview, $ilSetting,$ilErr,$ilToolbar;
575 
576  if(!$this->checkAccess('write','edit_permission'))
577  {
578  $ilErr->raiseError($this->lng->txt("msg_no_perm_write"),$ilErr->MESSAGE);
579  }
580 
581  // Show copy role button
582  if($this->object->getId() != SYSTEM_ROLE_ID)
583  {
584  $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
585  if($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id))
586  {
587  $ilToolbar->addButton(
588  $this->lng->txt('rbac_delete_role'),
589  $this->ctrl->getLinkTarget($this,'confirmDeleteRole')
590  );
591  }
592  }
593 
594  $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
595  $this->readRoleProperties($this->object);
596  $this->tpl->setContent($this->form->getHTML());
597  }
598 
599 
604  public function saveObject()
605  {
606  global $rbacadmin,$rbacreview;
607 
608  $this->initFormRoleProperties(self::MODE_GLOBAL_CREATE);
609  if($this->form->checkInput() and !$this->checkDuplicate())
610  {
611  include_once './Services/AccessControl/classes/class.ilObjRole.php';
612  $this->loadRoleProperties($this->role = new ilObjRole());
613  $this->role->create();
614  $rbacadmin->assignRoleToFolder($this->role->getId(), $this->obj_ref_id,'y');
615  $rbacadmin->setProtected(
616  $this->obj_ref_id,
617  $this->role->getId(),
618  $this->form->getInput('pro') ? 'y' : 'n'
619  );
620  ilUtil::sendSuccess($this->lng->txt("role_added"),true);
621  $this->ctrl->setParameter($this,'obj_id',$this->role->getId());
622  $this->ctrl->redirect($this,'perm');
623  }
624 
625  ilUtil::sendFailure($this->lng->txt('err_check_input'));
626  $this->form->setValuesByPost();
627  $this->tpl->setContent($this->form->getHTML());
628  return false;
629  }
630 
635  protected function checkDuplicate($a_role_id = 0)
636  {
637  // disabled due to mantis #0013742: Renaming global roles: ILIAS denies if title fits other role title partially
638  return FALSE;
639  }
640 
645  public function updateObject()
646  {
647  global $rbacadmin;
648 
649  $this->initFormRoleProperties(self::MODE_GLOBAL_UPDATE);
650  if($this->form->checkInput() and !$this->checkDuplicate($this->object->getId()))
651  {
652  include_once './Services/AccessControl/classes/class.ilObjRole.php';
653  $this->loadRoleProperties($this->object);
654  $this->object->update();
655  $rbacadmin->setProtected(
656  $this->obj_ref_id,
657  $this->object->getId(),
658  $this->form->getInput('pro') ? 'y' : 'n'
659  );
660  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
661  $this->ctrl->redirect($this,'edit');
662  }
663 
664  ilUtil::sendFailure($this->lng->txt('err_check_input'));
665  $this->form->setValuesByPost();
666  $this->tpl->setContent($this->form->getHTML());
667  return false;
668  }
669 
674  protected function permObject($a_show_admin_permissions = false)
675  {
676  global $ilTabs, $ilErr, $ilToolbar, $objDefinition,$rbacreview;
677 
678  $ilTabs->setTabActive('default_perm_settings');
679 
680  $this->setSubTabs('default_perm_settings');
681 
682  if($a_show_admin_permissions)
683  {
684  $ilTabs->setSubTabActive('rbac_admin_permissions');
685  }
686  else
687  {
688  $ilTabs->setSubTabActive('rbac_repository_permissions');
689  }
690 
691  if(!$this->checkAccess('write','edit_permission'))
692  {
693  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->MESSAGE);
694  return true;
695  }
696 
697  // Show copy role button
698  if($this->object->getId() != SYSTEM_ROLE_ID)
699  {
700  $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
701  $ilToolbar->addButton(
702  $this->lng->txt("adopt_perm_from_template"),
703  $this->ctrl->getLinkTarget($this,'adoptPerm')
704  );
705  if($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id))
706  {
707  $ilToolbar->addButton(
708  $this->lng->txt('rbac_delete_role'),
709  $this->ctrl->getLinkTarget($this,'confirmDeleteRole')
710  );
711  }
712  }
713 
714  $this->tpl->addBlockFile(
715  'ADM_CONTENT',
716  'adm_content',
717  'tpl.rbac_template_permissions.html',
718  'Services/AccessControl'
719  );
720 
721  $this->tpl->setVariable('PERM_ACTION',$this->ctrl->getFormAction($this));
722 
723  include_once './Services/Accordion/classes/class.ilAccordionGUI.php';
724  $acc = new ilAccordionGUI();
725  $acc->setBehaviour(ilAccordionGUI::FORCE_ALL_OPEN);
726  $acc->setId('template_perm_'.$this->getParentRefId());
727 
728  if($this->obj_ref_id == ROLE_FOLDER_ID)
729  {
730  if($a_show_admin_permissions)
731  {
732  $subs = $objDefinition->getSubObjectsRecursively('adm',true,true);
733  }
734  else
735  {
736  $subs = $objDefinition->getSubObjectsRecursively('root',true,$a_show_admin_permissions);
737  }
738  }
739  else
740  {
741  $subs = $objDefinition->getSubObjectsRecursively($this->getParentType(),true,$a_show_admin_permissions);
742  }
743 
744  $sorted = array();
745  foreach($subs as $subtype => $def)
746  {
747  if($objDefinition->isPlugin($subtype))
748  {
749  $translation = ilObjectPlugin::lookupTxtById($subtype,"obj_".$subtype);
750  }
751  elseif($objDefinition->isSystemObject($subtype))
752  {
753  $translation = $this->lng->txt("obj_".$subtype);
754  }
755  else
756  {
757  $translation = $this->lng->txt('objs_'.$subtype);
758  }
759 
760  $sorted[$subtype] = $def;
761  $sorted[$subtype]['translation'] = $translation;
762  }
763 
764 
765  $sorted = ilUtil::sortArray($sorted, 'translation','asc',true,true);
766  foreach($sorted as $subtype => $def)
767  {
768  if($objDefinition->isPlugin($subtype))
769  {
770  $translation = ilObjectPlugin::lookupTxtById($subtype,"obj_".$subtype);
771  }
772  elseif($objDefinition->isSystemObject($subtype))
773  {
774  $translation = $this->lng->txt("obj_".$subtype);
775  }
776  else
777  {
778  $translation = $this->lng->txt('objs_'.$subtype);
779  }
780 
781  include_once 'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
782  $tbl = new ilObjectRoleTemplatePermissionTableGUI(
783  $this,
784  'perm',
785  $this->getParentRefId(),
786  $this->object->getId(),
787  $subtype,
788  $a_show_admin_permissions
789  );
790  $tbl->parse();
791 
792  $acc->addItem($translation, $tbl->getHTML());
793  }
794 
795  $this->tpl->setVariable('ACCORDION',$acc->getHTML());
796 
797  // Add options table
798  include_once './Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
799  $options = new ilObjectRoleTemplateOptionsTableGUI(
800  $this,
801  'perm',
802  $this->obj_ref_id,
803  $this->object->getId(),
804  $a_show_admin_permissions
805  );
806  if($this->object->getId() != SYSTEM_ROLE_ID)
807  {
808  $options->addMultiCommand(
809  $a_show_admin_permissions ? 'adminPermSave' : 'permSave',
810  $this->lng->txt('save')
811  );
812  }
813 
814  $options->parse();
815  $this->tpl->setVariable('OPTIONS_TABLE',$options->getHTML());
816  }
817 
822  protected function adminPermObject()
823  {
824  return $this->permObject(true);
825  }
826 
831  protected function adminPermSaveObject()
832  {
833  return $this->permSaveObject(true);
834  }
835 
836  protected function adoptPermObject()
837  {
838  global $rbacreview;
839 
840  $output = array();
841 
842  $parent_role_ids = $rbacreview->getParentRoleIds($this->obj_ref_id,true);
843  $ids = array();
844  foreach($parent_role_ids as $id => $tmp)
845  {
846  $ids[] = $id;
847  }
848  // Sort ids
849  $sorted_ids = ilUtil::_sortIds($ids,'object_data','type,title','obj_id');
850  $key = 0;
851  foreach($sorted_ids as $id)
852  {
853  $par = $parent_role_ids[$id];
854  if ($par["obj_id"] != SYSTEM_ROLE_ID && $this->object->getId() != $par["obj_id"])
855  {
856  $output[$key]["role_id"] = $par["obj_id"];
857  $output[$key]["type"] = ($par["type"] == 'role' ? $this->lng->txt('obj_role') : $this->lng->txt('obj_rolt'));
858  $output[$key]["role_name"] = ilObjRole::_getTranslation($par["title"]);
859  $output[$key]["role_desc"] = $par["desc"];
860  $key++;
861  }
862  }
863 
864 
865  include_once('./Services/AccessControl/classes/class.ilRoleAdoptPermissionTableGUI.php');
866 
867  $tbl = new ilRoleAdoptPermissionTableGUI($this, "adoptPerm");
868  $tbl->setTitle($this->lng->txt("adopt_perm_from_template"));
869  $tbl->setData($output);
870 
871  $this->tpl->setContent($tbl->getHTML());
872  }
873 
878  protected function confirmDeleteRoleObject()
879  {
880  global $ilErr,$rbacreview,$ilUser;
881 
882  $access = $this->checkAccess('visible,write','edit_permission');
883  if (!$access)
884  {
885  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->WARNING);
886  }
887 
888  $question = $this->lng->txt('rbac_role_delete_qst');
889  if($rbacreview->isAssigned($ilUser->getId(), $this->object->getId()))
890  {
891  $question .= ('<br />'.$this->lng->txt('rbac_role_delete_self'));
892  }
893  ilUtil::sendQuestion($question);
894 
895  include_once './Services/Utilities/classes/class.ilConfirmationGUI.php';
896 
897  $confirm = new ilConfirmationGUI();
898  $confirm->setFormAction($this->ctrl->getFormAction($this));
899  $confirm->setHeaderText($question);
900  $confirm->setCancel($this->lng->txt('cancel'), 'perm');
901  $confirm->setConfirm($this->lng->txt('rbac_delete_role'), 'performDeleteRole');
902 
903  $confirm->addItem(
904  'role',
905  $this->object->getId(),
906  $this->object->getTitle(),
907  ilUtil::getImagePath('icon_role.svg')
908  );
909 
910  $this->tpl->setContent($confirm->getHTML());
911  return true;
912  }
913 
914 
919  protected function performDeleteRoleObject()
920  {
921  global $ilErr;
922 
923  $access = $this->checkAccess('visible,write','edit_permission');
924  if (!$access)
925  {
926  $ilErr->raiseError($this->lng->txt('msg_no_perm_perm'),$ilErr->WARNING);
927  }
928 
929  $this->object->setParent((int) $this->obj_ref_id);
930  $this->object->delete();
931  ilUtil::sendSuccess($this->lng->txt('msg_deleted_role'),true);
932 
933  $this->ctrl->returnToParent($this);
934  }
935 
941  function permSaveObject($a_show_admin_permissions = false)
942  {
943  global $rbacsystem, $rbacadmin, $rbacreview, $objDefinition, $tree;
944 
945  // for role administration check write of global role folder
946  $access = $this->checkAccess('visible,write','edit_permission');
947 
948  if (!$access)
949  {
950  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
951  }
952 
953  // rbac log
954  include_once "Services/AccessControl/classes/class.ilRbacLog.php";
955  $rbac_log_active = ilRbacLog::isActive();
956  if($rbac_log_active)
957  {
958  $rbac_log_old = ilRbacLog::gatherTemplate($this->obj_ref_id, $this->object->getId());
959  }
960 
961  // delete all template entries of enabled types
962  if($this->obj_ref_id == ROLE_FOLDER_ID)
963  {
964  if($a_show_admin_permissions)
965  {
966  $subs = $objDefinition->getSubObjectsRecursively('adm',true,true);
967  }
968  else
969  {
970  $subs = $objDefinition->getSubObjectsRecursively('root',true,false);
971  }
972  }
973  else
974  {
975  $subs = $objDefinition->getSubObjectsRecursively($this->getParentType(),true,false);
976  }
977 
978  foreach($subs as $subtype => $def)
979  {
980  // Delete per object type
981  $rbacadmin->deleteRolePermission($this->object->getId(),$this->obj_ref_id,$subtype);
982  }
983 
984  if (empty($_POST["template_perm"]))
985  {
986  $_POST["template_perm"] = array();
987  }
988 
989  foreach ($_POST["template_perm"] as $key => $ops_array)
990  {
991  // sets new template permissions
992  $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->obj_ref_id);
993  }
994 
995  if($rbac_log_active)
996  {
997  $rbac_log_new = ilRbacLog::gatherTemplate($this->obj_ref_id, $this->object->getId());
998  $rbac_log_diff = ilRbacLog::diffTemplate($rbac_log_old, $rbac_log_new);
999  ilRbacLog::add(ilRbacLog::EDIT_TEMPLATE, $this->obj_ref_id, $rbac_log_diff);
1000  }
1001 
1002  // update object data entry (to update last modification date)
1003  $this->object->update();
1004 
1005  // set protected flag
1006  if ($this->obj_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id))
1007  {
1008  $rbacadmin->setProtected($this->obj_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST['protected']));
1009  }
1010 
1011  if($a_show_admin_permissions)
1012  {
1013  $_POST['recursive'] = true;
1014  }
1015 
1016  // Redirect if Change existing objects is not chosen
1017  if(!$_POST['recursive'] and !is_array($_POST['recursive_list']))
1018  {
1019  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
1020  if($a_show_admin_permissions)
1021  {
1022  $this->ctrl->redirect($this,'adminPerm');
1023  }
1024  else
1025  {
1026  $this->ctrl->redirect($this,'perm');
1027  }
1028  }
1029  // New implementation
1030  if($this->isChangeExistingObjectsConfirmationRequired() and !$a_show_admin_permissions)
1031  {
1032  $this->showChangeExistingObjectsConfirmation();
1033  return true;
1034  }
1035 
1036  $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $this->obj_ref_id);
1037  if($a_show_admin_permissions)
1038  {
1039  $start = $tree->getParentId($this->obj_ref_id);
1040  }
1041 
1042  if($_POST['protected'])
1043  {
1044  $this->object->changeExistingObjects(
1045  $start,
1046  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
1047  array('all'),
1048  array()
1049  #$a_show_admin_permissions ? array('adm') : array()
1050  );
1051  }
1052  else
1053  {
1054  $this->object->changeExistingObjects(
1055  $start,
1056  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
1057  array('all'),
1058  array()
1059  #$a_show_admin_permissions ? array('adm') : array()
1060  );
1061  }
1062  ilUtil::sendSuccess($this->lng->txt("saved_successfully"),true);
1063 
1064  if($a_show_admin_permissions)
1065  {
1066  $this->ctrl->redirect($this,'adminPerm');
1067  }
1068  else
1069  {
1070  $this->ctrl->redirect($this,'perm');
1071  }
1072  return true;
1073  }
1074 
1075 
1081  function adoptPermSaveObject()
1082  {
1083  global $rbacadmin, $rbacsystem, $rbacreview, $tree;
1084 
1085  if(!$_POST['adopt'])
1086  {
1087  ilUtil::sendFailure($this->lng->txt('select_one'));
1088  $this->adoptPermObject();
1089  return false;
1090  }
1091 
1092  $access = $this->checkAccess('visible,write','edit_permission');
1093  if (!$access)
1094  {
1095  $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
1096  }
1097 
1098  if ($this->object->getId() == $_POST["adopt"])
1099  {
1100  ilUtil::sendFailure($this->lng->txt("msg_perm_adopted_from_itself"),true);
1101  }
1102  else
1103  {
1104  $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id);
1105  $parentRoles = $rbacreview->getParentRoleIds($this->obj_ref_id,true);
1106  $rbacadmin->copyRoleTemplatePermissions(
1107  $_POST["adopt"],
1108  $parentRoles[$_POST["adopt"]]["parent"],
1109  $this->obj_ref_id,
1110  $this->object->getId(),
1111  false);
1112 
1113  // update object data entry (to update last modification date)
1114  $this->object->update();
1115 
1116  // send info
1117  $obj_data =& $this->ilias->obj_factory->getInstanceByObjId($_POST["adopt"]);
1118  ilUtil::sendSuccess($this->lng->txt("msg_perm_adopted_from1")." '".$obj_data->getTitle()."'.<br/>".
1119  $this->lng->txt("msg_perm_adopted_from2"),true);
1120  }
1121 
1122  $this->ctrl->redirect($this, "perm");
1123  }
1124 
1130  function assignSaveObject()
1131  {
1132  $this->assignUserObject();
1133  }
1134 
1135 
1136 
1142  public function addUserObject($a_user_ids)
1143  {
1144  global $rbacreview,$rbacadmin;
1145 
1146  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1147  {
1148  ilUtil::sendFailure($this->lng->txt('msg_no_perm_assign_user_to_role'),true);
1149  return false;
1150  }
1151  if(!$rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id) &&
1152  $this->obj_ref_id != ROLE_FOLDER_ID)
1153  {
1154  ilUtil::sendFailure($this->lng->txt('err_role_not_assignable'),true);
1155  return false;
1156  }
1157  if(!$a_user_ids)
1158  {
1159  $GLOBALS['lng']->loadLanguageModule('search');
1160  ilUtil::sendFailure($this->lng->txt('search_err_user_not_exist'),true);
1161  return false;
1162  }
1163 
1164  $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
1165 
1166  // users to assign
1167  $assigned_users_new = array_diff($a_user_ids,array_intersect($a_user_ids,$assigned_users_all));
1168 
1169  // selected users all already assigned. stop
1170  if (count($assigned_users_new) == 0)
1171  {
1172  ilUtil::sendInfo($this->lng->txt("rbac_msg_user_already_assigned"),true);
1173  $this->ctrl->redirect($this,'userassignment');
1174  }
1175 
1176  // assign new users
1177  foreach ($assigned_users_new as $user)
1178  {
1179  $rbacadmin->assignUser($this->object->getId(),$user,false);
1180  }
1181 
1182  // update object data entry (to update last modification date)
1183  $this->object->update();
1184 
1185  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"),true);
1186  $this->ctrl->redirect($this,'userassignment');
1187  }
1188 
1194  function deassignUserObject()
1195  {
1196  global $rbacsystem, $rbacadmin, $rbacreview;
1197 
1198  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1199  {
1200  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1201  }
1202 
1203  $selected_users = ($_POST["user_id"]) ? $_POST["user_id"] : array($_GET["user_id"]);
1204 
1205  if ($selected_users[0]=== NULL)
1206  {
1207  $this->ilias->raiseError($this->lng->txt("no_checkbox"),$this->ilias->error_obj->MESSAGE);
1208  }
1209 
1210  // prevent unassignment of system user from system role
1211  if ($this->object->getId() == SYSTEM_ROLE_ID)
1212  {
1213  if ($admin = array_search(SYSTEM_USER_ID,$selected_users) !== false)
1214  unset($selected_users[$admin]);
1215  }
1216 
1217  // check for each user if the current role is his last global role before deassigning him
1218  $last_role = array();
1219  $global_roles = $rbacreview->getGlobalRoles();
1220 
1221  foreach ($selected_users as $user)
1222  {
1223  $assigned_roles = $rbacreview->assignedRoles($user);
1224  $assigned_global_roles = array_intersect($assigned_roles,$global_roles);
1225 
1226  if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(),$assigned_global_roles)))
1227  {
1228  $userObj = $this->ilias->obj_factory->getInstanceByObjId($user);
1229  $last_role[$user] = $userObj->getFullName();
1230  unset($userObj);
1231  }
1232  }
1233 
1234 
1235  // ... else perform deassignment
1236  foreach ($selected_users as $user)
1237  {
1238  if(!isset($last_role[$user]))
1239  {
1240  $rbacadmin->deassignUser($this->object->getId(), $user);
1241  }
1242  }
1243 
1244  // update object data entry (to update last modification date)
1245  $this->object->update();
1246 
1247  // raise error if last role was taken from a user...
1248  if(count($last_role))
1249  {
1250  $user_list = implode(", ",$last_role);
1251  ilUtil::sendFailure($this->lng->txt('msg_is_last_role').': '.$user_list.'<br />'.$this->lng->txt('msg_min_one_role'),true);
1252  }
1253  else
1254  {
1255  ilUtil::sendSuccess($this->lng->txt("msg_userassignment_changed"), true);
1256  }
1257  $this->ctrl->redirect($this,'userassignment');
1258  }
1259 
1260 
1264  function userassignmentObject()
1265  {
1266  global $rbacreview, $rbacsystem, $lng, $ilUser;
1267 
1268  if(!$this->checkAccess('edit_userassignment','edit_permission'))
1269  {
1270  $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1271  }
1272 
1273  $this->tabs_gui->setTabActive('user_assignment');
1274 
1275  $this->tpl->addBlockFile('ADM_CONTENT','adm_content','tpl.rbac_ua.html','Services/AccessControl');
1276 
1277  include_once './Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
1278  $tb = new ilToolbarGUI();
1279 
1280  // protected admin role
1281  include_once './Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1282  if(
1283  $this->object->getId() != SYSTEM_ROLE_ID ||
1284  (
1285  !$rbacreview->isAssigned($ilUser->getId(),SYSTEM_ROLE_ID) or
1286  !ilSecuritySettings::_getInstance()->isAdminRoleProtected()
1287  )
1288  )
1289  {
1290 
1291 
1292  // add member
1293  include_once './Services/Search/classes/class.ilRepositorySearchGUI.php';
1294  ilRepositorySearchGUI::fillAutoCompleteToolbar(
1295  $this,
1296  $tb,
1297  array(
1298  'auto_complete_name' => $lng->txt('user'),
1299  'submit_name' => $lng->txt('add')
1300  )
1301  );
1302 
1303  /*
1304  // add button
1305  $tb->addFormButton($lng->txt("add"), "assignUser");
1306  */
1307  $tb->addSpacer();
1308 
1309  $tb->addButton(
1310  $this->lng->txt('search_user'),
1311  $this->ctrl->getLinkTargetByClass('ilRepositorySearchGUI','start')
1312  );
1313  $tb->addSpacer();
1314  }
1315 
1316  $tb->addButton(
1317  $this->lng->txt('role_mailto'),
1318  $this->ctrl->getLinkTarget($this,'mailToRole')
1319  );
1320  $this->tpl->setVariable('BUTTONS_UA',$tb->getHTML());
1321 
1322 
1323  include_once './Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1324  $role_assignment_editable = true;
1325  if(
1326  $this->object->getId() == SYSTEM_ROLE_ID &&
1327  !ilSecuritySettings::_getInstance()->checkAdminRoleAccessible($ilUser->getId()))
1328  {
1329  $role_assignment_editable = false;
1330  }
1331 
1332  include_once './Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
1333  $ut = new ilAssignedUsersTableGUI($this,'userassignment',$this->object->getId(),$role_assignment_editable);
1334 
1335  $this->tpl->setVariable('TABLE_UA',$ut->getHTML());
1336 
1337  return true;
1338 
1339  }
1340 
1341 
1346  function cancelObject()
1347  {
1348  if ($_GET["new_type"] != "role")
1349  {
1350  $this->ctrl->redirect($this, "userassignment");
1351  }
1352  else
1353  {
1354  $this->ctrl->redirectByClass("ilobjrolefoldergui","view");
1355  }
1356  }
1357 
1358 
1359  function listUsersRoleObject()
1360  {
1361  global $rbacsystem,$rbacreview;
1362 
1363  $_SESSION["role_role"] = $_POST["role"] = $_POST["role"] ? $_POST["role"] : $_SESSION["role_role"];
1364 
1365  if (!is_array($_POST["role"]))
1366  {
1367  ilUtil::sendFailure($this->lng->txt("role_no_roles_selected"));
1368  $this->searchObject();
1369 
1370  return false;
1371  }
1372 
1373  $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html", "Services/AccessControl");
1374  $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
1375 
1376  // GET ALL MEMBERS
1377  $members = array();
1378 
1379  foreach ($_POST["role"] as $role_id)
1380  {
1381  $members = array_merge($rbacreview->assignedUsers($role_id),$members);
1382  }
1383 
1384  $members = array_unique($members);
1385 
1386  // FORMAT USER DATA
1387  $counter = 0;
1388  $f_result = array();
1389 
1390  foreach($members as $user)
1391  {
1392  if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
1393  {
1394  continue;
1395  }
1396 
1397  $user_ids[$counter] = $user;
1398 
1399  // TODO: exclude anonymous user
1400  $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
1401  $f_result[$counter][] = $tmp_obj->getLogin();
1402  $f_result[$counter][] = $tmp_obj->getFirstname();
1403  $f_result[$counter][] = $tmp_obj->getLastname();
1404 
1405  unset($tmp_obj);
1406  ++$counter;
1407  }
1408 
1409  $this->__showSearchUserTable($f_result,$user_ids,"listUsersRole");
1410 
1411  return true;
1412  }
1413 
1414  function __prepareOutput()
1415  {
1416  // output objects
1417  $this->tpl->addBlockFile("CONTENT", "content", "tpl.adm_content.html");
1418  $this->tpl->addBlockFile("STATUSLINE", "statusline", "tpl.statusline.html");
1419 
1420  // output locator
1421  //$this->__setLocator();
1422 
1423  // output message
1424  if ($this->message)
1425  {
1426  ilUtil::sendInfo($this->message);
1427  }
1428 
1429  // display infopanel if something happened
1430  ilUtil::infoPanel();
1431 
1432  // set header
1433  $this->__setHeader();
1434  }
1435 
1436  function __setHeader()
1437  {
1438  $this->tpl->setTitle($this->lng->txt('role'));
1439  $this->tpl->setDescription($this->object->getTitle());
1440  $this->tpl->setTitleIcon(ilUtil::getImagePath("icon_role.svg"));
1441 
1442  $this->getTabs($this->tabs_gui);
1443  }
1444 
1445  function __setLocator()
1446  {
1447  global $tree, $ilCtrl;
1448 
1449  return;
1450 
1451  $this->tpl->addBlockFile("LOCATOR", "locator", "tpl.locator.html", "Services/Locator");
1452 
1453  $counter = 0;
1454 
1455  foreach ($tree->getPathFull($this->obj_ref_id) as $key => $row)
1456  {
1457  if ($counter++)
1458  {
1459  $this->tpl->touchBlock('locator_separator_prefix');
1460  }
1461 
1462  $this->tpl->setCurrentBlock("locator_item");
1463 
1464  if ($row["type"] == 'rolf')
1465  {
1466  $this->tpl->setVariable("ITEM",$this->object->getTitle());
1467  $this->tpl->setVariable("LINK_ITEM",$this->ctrl->getLinkTarget($this));
1468  }
1469  elseif ($row["child"] != $tree->getRootId())
1470  {
1471  $ilCtrl->setParameterByClass("ilrepositorygui", "ref_id", $row["child"]);
1472  $this->tpl->setVariable("ITEM", $row["title"]);
1473  $this->tpl->setVariable("LINK_ITEM",
1474  $ilCtrl->getLinkTargetByClass("ilrepositorygui", ""));
1475  }
1476  else
1477  {
1478  $ilCtrl->setParameterByClass("ilrepositorygui", "ref_id", $row["child"]);
1479  $this->tpl->setVariable("ITEM", $this->lng->txt("repository"));
1480  $this->tpl->setVariable("LINK_ITEM",
1481  $ilCtrl->getLinkTargetByClass("ilrepositorygui", ""));
1482  }
1483  $ilCtrl->setParameterByClass("ilrepositorygui", "ref_id", $_GET["ref_id"]);
1484 
1485  $this->tpl->parseCurrentBlock();
1486  }
1487 
1488  $this->tpl->setVariable("TXT_LOCATOR",$this->lng->txt("locator"));
1489  $this->tpl->parseCurrentBlock();
1490  }
1491 
1496  function addAdminLocatorItems($a_do_not_add_object = false)
1497  {
1498  global $ilLocator;
1499 
1500  if ($_GET["admin_mode"] == "settings"
1501  && $_GET["ref_id"] == ROLE_FOLDER_ID) // system settings
1502  {
1503  parent::addAdminLocatorItems(true);
1504 
1505  $ilLocator->addItem($this->lng->txt("obj_".ilObject::_lookupType(
1506  ilObject::_lookupObjId($_GET["ref_id"]))),
1507  $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
1508 
1509  if ($_GET["obj_id"] > 0)
1510  {
1511  $ilLocator->addItem($this->object->getTitle(),
1512  $this->ctrl->getLinkTarget($this, "view"));
1513  }
1514  }
1515  else // repository administration
1516  {
1517  // ?
1518  }
1519  }
1520 
1521 
1522 
1523 
1524  function getTabs()
1525  {
1526  global $rbacreview, $ilHelp;
1527 
1528  $base_role_container = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
1529 
1530 
1531  $activate_role_edit = false;
1532 
1533  // todo: activate the following (allow editing of local roles in
1534  // roles administration)
1535  if (in_array($this->obj_ref_id,$base_role_container) ||
1536  (strtolower($_GET["baseClass"]) == "iladministrationgui" &&
1537  $_GET["admin_mode"] == "settings"))
1538  {
1539  $activate_role_edit = true;
1540  }
1541 
1542  // not so nice (workaround for using tabs in repository)
1543  $this->tabs_gui->clearTargets();
1544 
1545  $ilHelp->setScreenIdComponent("role");
1546 
1547  if ($this->back_target != "")
1548  {
1549  $this->tabs_gui->setBackTarget(
1550  $this->back_target["text"],$this->back_target["link"]);
1551  }
1552 
1553  if($this->checkAccess('write','edit_permission') && $activate_role_edit)
1554  {
1555  $this->tabs_gui->addTarget("edit_properties",
1556  $this->ctrl->getLinkTarget($this, "edit"), array("edit","update"), get_class($this));
1557  }
1558 /*
1559  if($this->checkAccess('write','edit_permission') and $this->showDefaultPermissionSettings())
1560  {
1561  $force_active = ($_GET["cmd"] == "perm" || $_GET["cmd"] == "")
1562  ? true
1563  : false;
1564  $this->tabs_gui->addTarget("default_perm_settings",
1565  $this->ctrl->getLinkTarget($this, "perm"), array("perm", "adoptPermSave", "permSave"),
1566  get_class($this),
1567  "", $force_active);
1568  }
1569 */
1570  if($this->checkAccess('write','edit_permission') and $this->showDefaultPermissionSettings())
1571  {
1572  $this->tabs_gui->addTarget(
1573  "default_perm_settings",
1574  $this->ctrl->getLinkTarget($this, "perm"), array(),get_class($this)
1575  );
1576  }
1577 
1578  if($this->checkAccess('write','edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
1579  {
1580  $this->tabs_gui->addTarget("user_assignment",
1581  $this->ctrl->getLinkTarget($this, "userassignment"),
1582  array("deassignUser", "userassignment", "assignUser", "searchUserForm", "search"),
1583  get_class($this));
1584  }
1585 
1586  if($this->checkAccess('write','edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
1587  {
1588  $this->tabs_gui->addTarget("desktop_items",
1589  $this->ctrl->getLinkTarget($this, "listDesktopItems"),
1590  array("listDesktopItems", "deleteDesktopItems", "selectDesktopItem", "askDeleteDesktopItem"),
1591  get_class($this));
1592  }
1593  if($this->checkAccess('write','edit_permission'))
1594  {
1595  $this->tabs_gui->addTarget(
1596  'export',
1597  $this->ctrl->getLinkTargetByClass('ilExportGUI'),
1598  array()
1599  );
1600 
1601  }
1602  }
1603 
1604  function mailToRoleObject()
1605  {
1606  $obj_ids = ilObject::_getIdsForTitle($this->object->getTitle(), $this->object->getType());
1607  if(count($obj_ids) > 1)
1608  {
1609  $_SESSION['mail_roles'][] = '#il_role_'.$this->object->getId();
1610  }
1611  else
1612  {
1613  require_once 'Services/Mail/classes/Address/Type/class.ilMailRoleAddressType.php';
1614  $_SESSION['mail_roles'][] = ilMailRoleAddressType::getRoleMailboxAddress($this->object->getId());
1615  }
1616 
1617  require_once 'Services/Mail/classes/class.ilMailFormCall.php';
1618  $script = ilMailFormCall::getRedirectTarget($this, 'userassignment', array(), array('type' => 'role'));
1619  ilUtil::redirect($script);
1620  }
1621 
1622  function checkAccess($a_perm_global,$a_perm_obj = '')
1623  {
1624  global $rbacsystem,$ilAccess;
1625 
1626  $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
1627 
1628  if($this->obj_ref_id == ROLE_FOLDER_ID)
1629  {
1630  return $rbacsystem->checkAccess($a_perm_global,$this->obj_ref_id);
1631  }
1632  else
1633  {
1634  return $ilAccess->checkAccess($a_perm_obj,'',$this->obj_ref_id);
1635  }
1636  }
1637 
1642  protected function isChangeExistingObjectsConfirmationRequired()
1643  {
1644  global $rbacreview;
1645 
1646  if(!(int) $_POST['recursive'] and !is_array($_POST['recursive_list']))
1647  {
1648  return false;
1649  }
1650 
1651  // Role is protected
1652  if($rbacreview->isProtected($this->obj_ref_id, $this->object->getId()))
1653  {
1654  // TODO: check if recursive_list is enabled
1655  // and if yes: check if inheritance is broken for the relevant object types
1656  return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1657  }
1658  else
1659  {
1660  // TODO: check if recursive_list is enabled
1661  // and if yes: check if inheritance is broken for the relevant object types
1662  return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1663  }
1664  }
1665 
1670  protected function showChangeExistingObjectsConfirmation()
1671  {
1672  $protected = $_POST['protected'];
1673 
1674  include_once './Services/Form/classes/class.ilPropertyFormGUI.php';
1675  $form = new ilPropertyFormGUI();
1676  $form->setFormAction($this->ctrl->getFormAction($this,'changeExistingObjects'));
1677  $form->setTitle($this->lng->txt('rbac_change_existing_confirm_tbl'));
1678 
1679  $form->addCommandButton('changeExistingObjects', $this->lng->txt('change_existing_objects'));
1680  $form->addCommandButton('perm',$this->lng->txt('cancel'));
1681 
1682  $hidden = new ilHiddenInputGUI('type_filter');
1683  $hidden->setValue(
1684  $_POST['recursive'] ?
1685  serialize(array('all')) :
1686  serialize($_POST['recursive_list'])
1687  );
1688  $form->addItem($hidden);
1689 
1690  $rad = new ilRadioGroupInputGUI($this->lng->txt('rbac_local_policies'),'mode');
1691 
1692  if($protected)
1693  {
1694  $rad->setValue(ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES);
1695  $keep = new ilRadioOption(
1696  $this->lng->txt('rbac_keep_local_policies'),
1697  ilObjRole::MODE_PROTECTED_KEEP_LOCAL_POLICIES,
1698  $this->lng->txt('rbac_keep_local_policies_info')
1699  );
1700  }
1701  else
1702  {
1703  $rad->setValue(ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES);
1704  $keep = new ilRadioOption(
1705  $this->lng->txt('rbac_keep_local_policies'),
1706  ilObjRole::MODE_UNPROTECTED_KEEP_LOCAL_POLICIES,
1707  $this->lng->txt('rbac_unprotected_keep_local_policies_info')
1708  );
1709 
1710  }
1711  $rad->addOption($keep);
1712 
1713  if($protected)
1714  {
1715  $del = new ilRadioOption(
1716  $this->lng->txt('rbac_delete_local_policies'),
1717  ilObjRole::MODE_PROTECTED_DELETE_LOCAL_POLICIES,
1718  $this->lng->txt('rbac_delete_local_policies_info')
1719  );
1720  }
1721  else
1722  {
1723  $del = new ilRadioOption(
1724  $this->lng->txt('rbac_delete_local_policies'),
1725  ilObjRole::MODE_UNPROTECTED_DELETE_LOCAL_POLICIES,
1726  $this->lng->txt('rbac_unprotected_delete_local_policies_info')
1727  );
1728  }
1729  $rad->addOption($del);
1730 
1731  $form->addItem($rad);
1732  $this->tpl->setContent($form->getHTML());
1733  }
1734 
1739  protected function changeExistingObjectsObject()
1740  {
1741  global $tree,$rbacreview,$rbacadmin;
1742 
1743  $mode = (int) $_POST['mode'];
1744  $start = ($this->obj_ref_id == ROLE_FOLDER_ID ? ROOT_FOLDER_ID : $this->obj_ref_id);
1745 
1746  $this->object->changeExistingObjects($start,$mode,unserialize(ilUtil::stripSlashes($_POST['type_filter'])));
1747 
1748  ilUtil::sendSuccess($this->lng->txt('settings_saved'),true);
1749  $this->ctrl->redirect($this,'perm');
1750  }
1751 
1757  protected function setSubTabs($a_tab)
1758  {
1759  global $ilTabs;
1760 
1761  switch($a_tab)
1762  {
1763  case 'default_perm_settings':
1764  if($this->obj_ref_id != ROLE_FOLDER_ID)
1765  {
1766  return true;
1767  }
1768  $ilTabs->addSubTabTarget(
1769  'rbac_repository_permissions',
1770  $this->ctrl->getLinkTarget($this,'perm')
1771  );
1772  $ilTabs->addSubTabTarget(
1773  'rbac_admin_permissions',
1774  $this->ctrl->getLinkTarget($this,'adminPerm')
1775  );
1776  }
1777  return true;
1778  }
1779 
1783  protected function addToClipboardObject()
1784  {
1785  global $lng, $ilCtrl;
1786 
1787  $users = (array) $_POST['user_id'];
1788  if(!count($users))
1789  {
1790  ilUtil::sendFailure($this->lng->txt('select_one'),true);
1791  $ilCtrl->redirect($this, 'userassignment');
1792  }
1793  include_once './Services/User/classes/class.ilUserClipboard.php';
1794  $clip = ilUserClipboard::getInstance($GLOBALS['ilUser']->getId());
1795  $clip->add($users);
1796  $clip->save();
1797 
1798  $lng->loadLanguageModule('user');
1799  ilUtil::sendSuccess($this->lng->txt('clipboard_user_added'),true);
1800  $ilCtrl->redirect($this, 'userassignment');
1801  }
1802 
1807  protected function ensureRoleAccessForContext()
1808  {
1809  global $DIC;
1810 
1811  $review = $DIC->rbac()->review();
1812  $logger = $DIC->logger()->ac();
1813 
1814  // creation of roles
1815  if(
1816  !$this->object->getId() ||
1817  $this->object->getId() == ROLE_FOLDER_ID
1818  )
1819  {
1820  return true;
1821  }
1822 
1823 
1824  $possible_roles = [];
1825  try {
1826  $possible_roles = $review->getRolesOfObject(
1827  $this->obj_ref_id,
1828  false
1829  );
1830  }
1831  catch(\InvalidArgumentException $e) {
1832  $logger->warning('Role access check failed: ' . $e);
1833 
1834  include_once "Services/Object/exceptions/class.ilObjectException.php";
1835  throw new \ilObjectException($this->lng->txt('permission_denied'));
1836  }
1837 
1838  if(!in_array($this->object->getId(), $possible_roles))
1839  {
1840  $logger->warning('Object id: ' . $this->object->getId() .' is not accessible for ref_id: ' . $this->obj_ref_id);
1841  include_once "Services/Object/exceptions/class.ilObjectException.php";
1842  throw new \ilObjectException($this->lng->txt('permission_denied'));
1843  }
1844  return true;
1845  }
1846 } // END class.ilObjRoleGUI
1847 ?>
ilUtil\sendSuccess
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
Definition: class.ilUtil.php:4801
ilObjRoleGUI\adoptPermSaveObject
adoptPermSaveObject()
copy permissions from role
Definition: class.ilObjRoleGUI.php:1081
ilObjRole
Class ilObjRole.
Definition: class.ilObjRole.php:16
$ilErr
global $ilErr
Definition: raiseError.php:16
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
ilUtil\tf2yn
static tf2yn($a_tf)
convert true/false to "y"/"n"
Definition: class.ilUtil.php:3246
ilRoleDesktopItem\add
add($a_item_id, $a_item_type)
Definition: class.ilRoleDesktopItem.php:43
ilObjRoleGUI\createObject
createObject()
Only called from administration -> role folder ? Otherwise this check access is wrong.
Definition: class.ilObjRoleGUI.php:555
ilRoleDesktopItem
Class ilObjRoleGUI.
Definition: class.ilRoleDesktopItem.php:17
ilObjRoleGUI\setSubTabs
setSubTabs($a_tab)
Set sub tabs.
Definition: class.ilObjRoleGUI.php:1757
ilObjRoleGUI\setBackTarget
setBackTarget($a_text, $a_link)
set back tab target
Definition: class.ilObjRoleGUI.php:170
ilObjectPlugin\lookupTxtById
static lookupTxtById($plugin_id, $lang_var)
Definition: class.ilObjectPlugin.php:74
ilUserClipboard\getInstance
static getInstance($a_usr_id)
Get singelton instance.
Definition: class.ilUserClipboard.php:35
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilRoleAdoptPermissionTableGUI
Copyright (c) 1998-2015 ILIAS open source, Extended GPL, see docs/LICENSE Date: 07.01.15 Time: 11:43.
Definition: class.ilRoleAdoptPermissionTableGUI.php:16
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilObjRole\getPersonalWorkspaceDiskQuota
getPersonalWorkspaceDiskQuota()
Gets the minimal personal workspace disk quota imposed by this role.
Definition: class.ilObjRole.php:323
ilObjRoleGUI\checkDuplicate
checkDuplicate($a_role_id=0)
Check if role with same name already exists in this folder.
Definition: class.ilObjRoleGUI.php:635
ilObjRoleGUI\addToClipboardObject
addToClipboardObject()
Add selected users to user clipboard.
Definition: class.ilObjRoleGUI.php:1783
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$tbl
$tbl
Definition: example_048.php:81
ilObjRoleGUI\adminPermObject
adminPermObject()
Show administration permissions.
Definition: class.ilObjRoleGUI.php:822
ilObjRole\MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
Definition: class.ilObjRole.php:18
ilObjectGUI\__showButton
__showButton($a_cmd, $a_text, $a_target='')
Definition: class.ilObjectGUI.php:1728
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
$cmd
$cmd
Definition: sahs_server.php:35
ilUtil\MB2Bytes
static MB2Bytes($a_value)
Definition: class.ilUtil.php:5257
ilObjRoleGUI\deassignUserObject
deassignUserObject()
de-assign users from role
Definition: class.ilObjRoleGUI.php:1194
ilObjRoleGUI\assignSaveObject
assignSaveObject()
wrapper for renamed function
Definition: class.ilObjRoleGUI.php:1130
ilObjRole\toggleAssignUsersStatus
toggleAssignUsersStatus($a_assign_users)
Definition: class.ilObjRole.php:133
ilCheckboxInputGUI
This class represents a checkbox property in a property form.
Definition: class.ilCheckboxInputGUI.php:33
ilObjRoleGUI\permObject
permObject($a_show_admin_permissions=false)
Show template permissions.
Definition: class.ilObjRoleGUI.php:674
ilObjRoleGUI\adminPermSaveObject
adminPermSaveObject()
Save admin permissions.
Definition: class.ilObjRoleGUI.php:831
ilObjRoleGUI\ensureRoleAccessForContext
ensureRoleAccessForContext()
Ensure access to role for ref_id.
Definition: class.ilObjRoleGUI.php:1807
ilObjRole\setAllowRegister
setAllowRegister($a_allow_register)
set allow_register of role
Definition: class.ilObjRole.php:252
ilRbacLog\isActive
static isActive()
Definition: class.ilRbacLog.php:25
ilUtil\sortArray
static sortArray($array, $a_array_sortby, $a_array_sortorder=0, $a_numeric=false, $a_keep_keys=false)
sortArray
Definition: class.ilUtil.php:3328
ilObjRoleGUI\cancelObject
cancelObject()
cancelObject is called when an operation is canceled, method links back public
Definition: class.ilObjRoleGUI.php:1346
ilObjRole\getAllowRegister
getAllowRegister()
get allow_register
Definition: class.ilObjRole.php:268
ilObjRole\getDiskQuota
getDiskQuota()
Gets the minimal disk quota imposed by this role.
Definition: class.ilObjRole.php:295
ilObjRoleGUI\addUserObject
addUserObject($a_user_ids)
Assign user (callback from ilRepositorySearchGUI)
Definition: class.ilObjRoleGUI.php:1142
ilObject\setTitle
setTitle($a_title)
set object title
Definition: class.ilObject.php:388
ilObjRole\MODE_PROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:19
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
ilObjRoleGUI\saveObject
saveObject()
Save new role.
Definition: class.ilObjRoleGUI.php:604
ilUtil\sendInfo
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
Definition: class.ilUtil.php:4757
$counter
$counter
Definition: config-scanner.php:59
ilExportGUI
Export User Interface Class.
Definition: class.ilExportGUI.php:14
ilExportOptions\newInstance
static newInstance($a_export_id)
Create new instance.
Definition: class.ilExportOptions.php:57
$output
if(!is_dir( $entity_dir)) exit("Fatal Error ([A-Za-z0-9]+)\+" &#(? foreach( $entity_files as $file) $output
Definition: generate-entity-file.php:67
ilHiddenInputGUI
This class represents a hidden form property in a property form.
Definition: class.ilHiddenInputGUI.php:32
ilObjectGUI\prepareOutput
prepareOutput($a_show_subobjects=true)
prepare output
Definition: class.ilObjectGUI.php:254
ilObjRole\isAutoGenerated
static isAutoGenerated($a_role_id)
Definition: class.ilObjRole.php:628
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilRadioOption\setValue
setValue($a_value)
Set Value.
Definition: class.ilRadioOption.php:91
ilNumberInputGUI\setMinValue
setMinValue($a_minvalue, $a_display_always=false)
Set Minimum Value.
Definition: class.ilNumberInputGUI.php:195
ilObjRoleGUI\permSaveObject
permSaveObject($a_show_admin_permissions=false)
save permissions
Definition: class.ilObjRoleGUI.php:941
ilObjRoleGUI\loadRoleProperties
loadRoleProperties(ilObjRole $role)
Store form input in role object.
Definition: class.ilObjRoleGUI.php:499
$options
if(!is_array($argv)) $options
Definition: tcpdf_addfont.php:137
ilObjRoleGUI\confirmDeleteRoleObject
confirmDeleteRoleObject()
Show delete confirmation screen.
Definition: class.ilObjRoleGUI.php:878
ilObject\getId
getId()
get object id public
Definition: class.ilObject.php:290
ilUtil\_sortIds
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),&#39;usr_data&#39;,&#39;lastname&#39;,&#39;usr_id&#39;) => sorts by lastname.
Definition: class.ilUtil.php:4683
ilObjRoleGUI\isChangeExistingObjectsConfirmationRequired
isChangeExistingObjectsConfirmationRequired()
Check if a confirmation about further settings is required or not.
Definition: class.ilObjRoleGUI.php:1642
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:71
ilNumberInputGUI
This class represents a number property in a property form.
Definition: class.ilNumberInputGUI.php:14
ilObjRoleGUI\getParentObjId
getParentObjId()
Get obj_id of current object.
Definition: class.ilObjRoleGUI.php:153
ilObjRoleGUI\performDeleteRoleObject
performDeleteRoleObject()
Delete role.
Definition: class.ilObjRoleGUI.php:919
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:13
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1021
ilCheckboxInputGUI\setValue
setValue($a_value)
Set Value.
Definition: class.ilCheckboxInputGUI.php:57
ilObjRoleGUI\initFormRoleProperties
initFormRoleProperties($a_mode)
Create role prperty form.
Definition: class.ilObjRoleGUI.php:393
ilUtil\Bytes2MB
static Bytes2MB($a_value)
Definition: class.ilUtil.php:5262
ilObjRoleGUI\getParentType
getParentType()
get type of current object (not role folder)
Definition: class.ilObjRoleGUI.php:162
ilObjRoleGUI\editObject
editObject()
Edit role properties.
Definition: class.ilObjRoleGUI.php:572
ilTextInputGUI
This class represents a text property in a property form.
Definition: class.ilTextInputGUI.php:16
ilObject\getTitle
getTitle()
get object title public
Definition: class.ilObject.php:366
ilUtil\infoPanel
static infoPanel($a_keep=true)
Definition: class.ilUtil.php:4807
ilObject\getDescription
getDescription()
get object description
Definition: class.ilObject.php:402
$ilUser
$ilUser
Definition: imgupload.php:18
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilObjRoleGUI\readRoleProperties
readRoleProperties(ilObjRole $role)
Read role properties and write them to form.
Definition: class.ilObjRoleGUI.php:523
ilObjRoleGUI\showDefaultPermissionSettings
showDefaultPermissionSettings()
check if default permissions are shown or not
Definition: class.ilObjRoleGUI.php:202
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2639
ilUtil\sendQuestion
static sendQuestion($a_info="", $a_keep=false)
Send Question to Screen.
Definition: class.ilUtil.php:4787
ilObjRole\setPersonalWorkspaceDiskQuota
setPersonalWorkspaceDiskQuota($a_disk_quota)
Sets the minimal personal workspace disk quota imposed by this role.
Definition: class.ilObjRole.php:309
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:72
ilObjRole\_getTranslation
static _getTranslation($a_role_title)
Definition: class.ilObjRole.php:508
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1176
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4771
ilObjRoleGUI\__construct
__construct($a_data, $a_id, $a_call_by_reference=false, $a_prepare_output=true)
Constructor public.
Definition: class.ilObjRoleGUI.php:47
ilObjRoleGUI\showChangeExistingObjectsConfirmation
showChangeExistingObjectsConfirmation()
Show confirmation screen.
Definition: class.ilObjRoleGUI.php:1670
ilRbacLog\gatherTemplate
static gatherTemplate($a_role_ref_id, $a_role_id)
Definition: class.ilRbacLog.php:124
ilObjRoleGUI\checkAccess
checkAccess($a_perm_global, $a_perm_obj='')
Definition: class.ilObjRoleGUI.php:1622
ilObjRoleGUI\getParentRefId
getParentRefId()
Get ref id of current object (not role folder id)
Definition: class.ilObjRoleGUI.php:144
ilObjRoleGUI\changeExistingObjectsObject
changeExistingObjectsObject()
Change existing objects.
Definition: class.ilObjRoleGUI.php:1739
ilObjRoleGUI\userassignmentObject
userassignmentObject()
display user assignment panel
Definition: class.ilObjRoleGUI.php:1264
ilNonEditableValueGUI
This class represents a non editable value in a property form.
Definition: class.ilNonEditableValueGUI.php:13
ilObjRole\MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
Definition: class.ilObjRole.php:20
object
Create new PHPExcel object
obj_idprivate
Definition: 01pharSimple.php:37
$ilSetting
global $ilSetting
Definition: privfeed.php:17
ilMailFormCall\getRedirectTarget
static getRedirectTarget($gui, $cmd, array $gui_params=array(), array $mail_params=array(), array $context_params=array())
Definition: class.ilMailFormCall.php:60
ilTextAreaInputGUI
This class represents a text area property in a property form.
Definition: class.ilTextAreaInputGUI.php:34
ilRbacLog\add
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
Definition: class.ilRbacLog.php:162
ilObjRole\MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
Definition: class.ilObjRole.php:21
$ret
$ret
Definition: parser.php:6
ilRbacLog\diffTemplate
static diffTemplate(array $a_old, array $a_new)
Definition: class.ilRbacLog.php:131
ilObject\_getIdsForTitle
static _getIdsForTitle($title, $type='', $partialmatch=false)
Definition: class.ilObject.php:946
ilAssignedUsersTableGUI
TableGUI class for role administration.
Definition: class.ilAssignedUsersTableGUI.php:15
ilObjectFactory\getInstanceByRefId
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Definition: class.ilObjectFactory.php:142
USER_FOLDER_ID
const USER_FOLDER_ID
Class ilObjUserFolder.
Definition: class.ilObjUserFolder.php:16
ilRbacLog\EDIT_TEMPLATE
const EDIT_TEMPLATE
Definition: class.ilRbacLog.php:21
ilObject\setDescription
setDescription($a_desc)
set object description
Definition: class.ilObject.php:413
ilObjRoleGUI\addAdminLocatorItems
addAdminLocatorItems($a_do_not_add_object=false)
should be overwritten to add object specific items (repository items are preloaded) ...
Definition: class.ilObjRoleGUI.php:1496
$DIC
global $DIC
Definition: imagemanager.php:32
ilRepositorySearchGUI\fillAutoCompleteToolbar
static fillAutoCompleteToolbar($parent_object, ilToolbarGUI $toolbar=null, $a_options=array(), $a_sticky=false)
fill toolbar with
Definition: class.ilRepositorySearchGUI.php:152
ilObjRoleGUI\getAdminTabs
getAdminTabs()
admin and normal tabs are equal for roles
Definition: class.ilObjRoleGUI.php:184
ilExportOptions\allocateExportId
static allocateExportId()
Allocate a new export id.
Definition: class.ilExportOptions.php:66
ilUtil\redirect
static redirect($a_script)
http redirect to other script
Definition: class.ilUtil.php:3567
ilAccordionGUI
Accordion user interface class.
Definition: class.ilAccordionGUI.php:11
ilObjRoleGUI
Class ilObjRoleGUI.
Definition: class.ilObjRoleGUI.php:20
ilObjRoleGUI\updateObject
updateObject()
Save role settings.
Definition: class.ilObjRoleGUI.php:645
ilSecuritySettings\_getInstance
static _getInstance()
Get instance of ilSecuritySettings.
Definition: class.ilSecuritySettings.php:105
ilFormPropertyGUI\setDisabled
setDisabled($a_disabled)
Set Disabled.
Definition: class.ilFormPropertyGUI.php:191
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
ilObjRoleGUI\getContainerType
getContainerType()
Get type of role container.
Definition: class.ilObjRoleGUI.php:193
ilObjRole\setDiskQuota
setDiskQuota($a_disk_quota)
Sets the minimal disk quota imposed by this role.
Definition: class.ilObjRole.php:281
ilUtil\formCheckbox
static formCheckbox($checked, $varname, $value, $disabled=false)
??? public
Definition: class.ilUtil.php:451
ilConfirmationGUI
Confirmation screen class.
Definition: class.ilConfirmationGUI.php:15