4include_once 
"./Services/Object/classes/class.ilObjectGUI.php";
 
    5include_once 
'./Services/AccessControl/classes/class.ilObjRole.php';
 
    6require_once(
'./Services/Repository/classes/class.ilObjectPlugin.php');
 
   47        function __construct($a_data,$a_id,$a_call_by_reference = 
false,$a_prepare_output = 
true)
 
   51                $lng->loadLanguageModule(
'rbac');
 
   54                define(
"USER_FOLDER_ID",7);
 
   59                                ((int) $_REQUEST[
'rolf_ref_id'] ?
 
   60                                (
int) $_REQUEST[
'rolf_ref_id'] :
 
   61                                (int) $_REQUEST[
'ref_id']
 
   70                parent::__construct($a_data,$a_id,$a_call_by_reference,
false);
 
   71                $this->ctrl->saveParameter($this, array(
'obj_id', 
'rolf_ref_id'));
 
   81                $next_class = $this->ctrl->getNextClass($this);
 
   82                $cmd = $this->ctrl->getCmd();
 
   88                        case 'ilrepositorysearchgui':
 
   94                                include_once(
'./Services/Search/classes/class.ilRepositorySearchGUI.php');
 
   96                                $rep_search->setTitle($this->lng->txt(
'role_add_user'));
 
   97                                $rep_search->setCallback($this,
'addUserObject');
 
  100                                $this->tabs_gui->setTabActive(
'user_assignment');
 
  101                                $this->ctrl->setReturn($this,
'userassignment');
 
  102                                $ret =& $this->ctrl->forwardCommand($rep_search);
 
  107                                $this->tabs_gui->setTabActive(
'export');
 
  109                                include_once 
'./Services/Export/classes/class.ilExportOptions.php';
 
  113                                include_once 
'./Services/Export/classes/class.ilExportGUI.php';
 
  115                                $exp->addFormat(
'xml');
 
  116                                $this->ctrl->forwardCommand($exp);
 
  128                                                $cmd = 
'userassignment';
 
  172                $this->back_target = array(
"text" => $a_text,
 
  178                return $this->back_target ? $this->back_target : array();
 
  212                global $rbacsystem,$rbacreview;
 
  214                if(!$rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id) &&
 
  215                        $this->obj_ref_id != ROLE_FOLDER_ID)
 
  223                        $this->
__showButton(
'selectDesktopItem',$this->lng->txt(
'role_desk_add'));
 
  226                include_once 
'Services/AccessControl/classes/class.ilRoleDesktopItemsTableGUI.php';
 
  228                $this->tpl->setContent(
$tbl->getHTML());
 
  240                        $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
 
  242                if(!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
 
  244                        $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
 
  246                if(!count(
$_POST[
'del_desk_item']))
 
  255                include_once(
"./Services/Utilities/classes/class.ilConfirmationGUI.php");
 
  257                $confirmation_gui->setFormAction($this->ctrl->getFormAction($this));
 
  258                $confirmation_gui->setHeaderText($this->lng->txt(
'role_assigned_desk_items').
 
  259                        ' "'.$this->object->getTitle().
'": '.
 
  260                        $this->lng->txt(
'role_sure_delete_desk_items'));
 
  261                $confirmation_gui->setCancel($this->lng->txt(
"cancel"), 
"listDesktopItems");
 
  262                $confirmation_gui->setConfirm($this->lng->txt(
"delete"), 
"deleteDesktopItems");
 
  264                include_once 
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
 
  267                foreach(
$_POST[
'del_desk_item'] as $role_item_id)
 
  269                        $item_data = $role_desk_item_obj->getItem($role_item_id);
 
  272                        if(strlen($desc = $tmp_obj->getDescription()))
 
  274                                $desc = 
'<div class="il_Description_no_margin">'.$desc.
'</div>';                                
 
  277                        $confirmation_gui->addItem(
"del_desk_item[]", $role_item_id, $tmp_obj->getTitle().$desc);
 
  280                $this->tpl->setContent($confirmation_gui->getHTML());
 
  291                        $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
 
  294                if (!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
 
  296                        $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
 
  299                if (!count(
$_POST[
'del_desk_item']))
 
  308                include_once 
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
 
  312                foreach (
$_POST[
'del_desk_item'] as $role_item_id)
 
  314                        $role_desk_item_obj->delete($role_item_id);
 
  326                global $rbacsystem,
$tree;
 
  328                include_once 
'Services/AccessControl/classes/class.ilRoleDesktopItemSelector.php';
 
  329                include_once 
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
 
  331                if(!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
 
  333                        #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
 
  339                $this->tpl->addBlockFile(
"ADM_CONTENT", 
"adm_content", 
"tpl.role_desktop_item_selector.html", 
"Services/AccessControl");
 
  340                $this->
__showButton(
'listDesktopItems',$this->lng->txt(
'back'));
 
  346                $exp->setExpand(
$_GET[
"role_desk_item_link_expand"] ? 
$_GET[
"role_desk_item_link_expand"] : 
$tree->readRootId());
 
  347                $exp->setExpandTarget($this->ctrl->getLinkTarget($this,
'selectDesktopItem'));
 
  352                $this->tpl->setVariable(
"EXPLORER",
$output);
 
  362                if (!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
 
  364                        $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
 
  369                if (!isset(
$_GET[
'item_id']))
 
  377                include_once 
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
 
  384                $this->ctrl->redirect($this,
'listDesktopItems');
 
  395                include_once 
'./Services/Form/classes/class.ilPropertyFormGUI.php';
 
  398                if($this->creation_mode)
 
  400                        $this->ctrl->setParameter($this, 
"new_type", 
'role');
 
  402                $this->form->setFormAction($this->ctrl->getFormAction($this));
 
  407                                $this->form->setTitle($this->lng->txt(
'role_new'));
 
  408                                $this->form->addCommandButton(
'save',$this->lng->txt(
'role_new'));
 
  412                                $this->form->setTitle($this->lng->txt(
'role_edit'));
 
  413                                $this->form->addCommandButton(
'update', $this->lng->txt(
'save'));
 
  420                $this->form->addCommandButton(
'cancel', $this->lng->txt(
'cancel'));
 
  425                        $title->setDisabled(
true);
 
  430                        $title->setValidationRegexp(
'/^(?!il_).*$/');
 
  431                        $title->setValidationFailureMessage($this->lng->txt(
'msg_role_reserved_prefix'));
 
  436                $title->setRequired(
true);
 
  437                $this->form->addItem(
$title);
 
  442                        $desc->setDisabled(
true);
 
  446                $this->form->addItem($desc);
 
  448                if($a_mode != self::MODE_LOCAL_CREATE && $a_mode != self::MODE_GLOBAL_CREATE)
 
  451                        $this->form->addItem($ilias_id);
 
  454                if($this->obj_ref_id == ROLE_FOLDER_ID)
 
  458                        #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info')); 
  459                        $this->form->addItem($reg);
 
  463                        #$la->setInfo($this->lng->txt('rbac_local_admin_info')); 
  464                        $this->form->addItem($la);
 
  469                #$pro->setInfo($this->lng->txt('role_protext_permission_info')); 
  470                $this->form->addItem($pro);
 
  472                include_once 
'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
 
  476                        $quo->setMinValue(0);
 
  478                        $quo->setInfo($this->lng->txt(
'enter_in_mb_desc').
'<br />'.$this->lng->txt(
'disk_quota_on_role_desc'));
 
  479                        $this->form->addItem($quo);
 
  483                        $this->lng->loadLanguageModule(
"file");
 
  484                        $wquo = 
new ilNumberInputGUI($this->lng->txt(
'personal_workspace_disk_quota'),
'wsp_disk_quota');
 
  485                        $wquo->setMinValue(0);
 
  487                        $wquo->setInfo($this->lng->txt(
'enter_in_mb_desc').
'<br />'.$this->lng->txt(
'disk_quota_on_role_desc'));
 
  488                        $this->form->addItem($wquo);
 
  502                if(!$this->form->getItemByPostVar(
'title')->getDisabled())
 
  504                        $role->
setTitle($this->form->getInput(
'title'));
 
  507                if(!$this->form->getItemByPostVar(
'desc')->getDisabled())
 
  527                include_once 
'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
 
  542                $data[
'pro'] = $rbacreview->isProtected($this->obj_ref_id, $role->
getId());
 
  544                $this->form->setValuesByArray(
$data);
 
  559                if(!$rbacsystem->checkAccess(
'create_role',$this->obj_ref_id))
 
  561                        $ilErr->raiseError($this->lng->txt(
'permission_denied'),
$ilErr->MESSAGE);
 
  565                $this->tpl->setContent($this->form->getHTML());
 
  578                        $ilErr->raiseError($this->lng->txt(
"msg_no_perm_write"),
$ilErr->MESSAGE);
 
  582                if($this->object->getId() != SYSTEM_ROLE_ID)
 
  584                        $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
 
  585                        if($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id))
 
  587                                $ilToolbar->addButton(
 
  588                                        $this->lng->txt(
'rbac_delete_role'),
 
  589                                        $this->ctrl->getLinkTarget($this,
'confirmDeleteRole')
 
  596                $this->tpl->setContent($this->form->getHTML());
 
  606                global $rbacadmin,$rbacreview;
 
  609                if($this->form->checkInput() and !$this->checkDuplicate())
 
  611                        include_once 
'./Services/AccessControl/classes/class.ilObjRole.php';
 
  613                        $this->role->create();
 
  614                        $rbacadmin->assignRoleToFolder($this->role->getId(), $this->obj_ref_id,
'y');
 
  615                        $rbacadmin->setProtected(
 
  617                                $this->role->getId(),
 
  618                                $this->form->getInput(
'pro') ? 
'y' : 
'n' 
  621                        $this->ctrl->setParameter($this,
'obj_id',$this->role->getId());
 
  622                        $this->ctrl->redirect($this,
'perm');
 
  626                $this->form->setValuesByPost();
 
  627                $this->tpl->setContent($this->form->getHTML());
 
  650                if($this->form->checkInput() and !$this->checkDuplicate($this->object->getId()))
 
  652                        include_once 
'./Services/AccessControl/classes/class.ilObjRole.php';
 
  654                        $this->
object->update();
 
  655                        $rbacadmin->setProtected(
 
  657                                $this->object->getId(),
 
  658                                $this->form->getInput(
'pro') ? 
'y' : 
'n' 
  661                        $this->ctrl->redirect($this,
'edit');
 
  665                $this->form->setValuesByPost();
 
  666                $this->tpl->setContent($this->form->getHTML());
 
  674        protected function permObject($a_show_admin_permissions = 
false)
 
  678                $ilTabs->setTabActive(
'default_perm_settings');
 
  682                if($a_show_admin_permissions)
 
  684                        $ilTabs->setSubTabActive(
'rbac_admin_permissions');
 
  688                        $ilTabs->setSubTabActive(
'rbac_repository_permissions');        
 
  693                        $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->MESSAGE);
 
  698                if($this->object->getId() != SYSTEM_ROLE_ID)
 
  700                        $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
 
  701                        $ilToolbar->addButton(
 
  702                                $this->lng->txt(
"adopt_perm_from_template"),
 
  703                                $this->ctrl->getLinkTarget($this,
'adoptPerm')
 
  705                        if($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id))
 
  707                                $ilToolbar->addButton(
 
  708                                        $this->lng->txt(
'rbac_delete_role'),
 
  709                                        $this->ctrl->getLinkTarget($this,
'confirmDeleteRole')
 
  714                $this->tpl->addBlockFile(
 
  717                        'tpl.rbac_template_permissions.html',
 
  718                        'Services/AccessControl' 
  721                $this->tpl->setVariable(
'PERM_ACTION',$this->ctrl->getFormAction($this));
 
  723                include_once 
'./Services/Accordion/classes/class.ilAccordionGUI.php';
 
  728                if($this->obj_ref_id == ROLE_FOLDER_ID)
 
  730                        if($a_show_admin_permissions)
 
  732                                $subs = 
$objDefinition->getSubObjectsRecursively(
'adm',
true,
true);
 
  736                                $subs = 
$objDefinition->getSubObjectsRecursively(
'root',
true,$a_show_admin_permissions);
 
  745                foreach($subs as $subtype => $def)
 
  753                                $translation = $this->lng->txt(
"obj_".$subtype);
 
  757                                $translation = $this->lng->txt(
'objs_'.$subtype);
 
  760                        $sorted[$subtype] = $def;
 
  761                        $sorted[$subtype][
'translation'] = $translation;
 
  766                foreach($sorted as $subtype => $def)
 
  774                                $translation = $this->lng->txt(
"obj_".$subtype);
 
  778                                $translation = $this->lng->txt(
'objs_'.$subtype);
 
  781                        include_once 
'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
 
  786                                $this->object->getId(),
 
  788                                $a_show_admin_permissions
 
  792                        $acc->addItem($translation, 
$tbl->getHTML());
 
  795                $this->tpl->setVariable(
'ACCORDION',$acc->getHTML());
 
  798                include_once 
'./Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
 
  803                        $this->object->getId(),
 
  804                        $a_show_admin_permissions
 
  806                if($this->object->getId() != SYSTEM_ROLE_ID)
 
  809                                $a_show_admin_permissions ? 
'adminPermSave' : 
'permSave',
 
  810                                $this->lng->txt(
'save')
 
  815                $this->tpl->setVariable(
'OPTIONS_TABLE',
$options->getHTML());
 
  842                $parent_role_ids = $rbacreview->getParentRoleIds($this->obj_ref_id,
true);
 
  844                foreach($parent_role_ids as $id => $tmp)
 
  851                foreach($sorted_ids as $id)
 
  853                        $par = $parent_role_ids[$id];
 
  854                        if ($par[
"obj_id"] != SYSTEM_ROLE_ID && $this->object->getId() != $par[
"obj_id"])
 
  856                                $output[$key][
"role_id"] = $par[
"obj_id"];
 
  857                                $output[$key][
"type"] = ($par[
"type"] == 
'role' ? $this->lng->txt(
'obj_role') : $this->lng->txt(
'obj_rolt'));
 
  859                                $output[$key][
"role_desc"] = $par[
"desc"];
 
  865                include_once(
'./Services/AccessControl/classes/class.ilRoleAdoptPermissionTableGUI.php');
 
  868                $tbl->setTitle($this->lng->txt(
"adopt_perm_from_template"));
 
  871                $this->tpl->setContent(
$tbl->getHTML());
 
  882                $access = $this->
checkAccess(
'visible,write',
'edit_permission');
 
  885                        $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->WARNING);
 
  888                $question = $this->lng->txt(
'rbac_role_delete_qst');
 
  889                if($rbacreview->isAssigned(
$ilUser->getId(), $this->object->getId()))
 
  891                        $question .= (
'<br />'.$this->lng->txt(
'rbac_role_delete_self'));
 
  895                include_once 
'./Services/Utilities/classes/class.ilConfirmationGUI.php';
 
  898                $confirm->setFormAction($this->ctrl->getFormAction($this));
 
  899                $confirm->setHeaderText($question);
 
  900                $confirm->setCancel($this->lng->txt(
'cancel'), 
'perm');
 
  901                $confirm->setConfirm($this->lng->txt(
'rbac_delete_role'), 
'performDeleteRole');
 
  905                        $this->object->getId(),
 
  906                        $this->object->getTitle(),
 
  910                $this->tpl->setContent($confirm->getHTML());
 
  923                $access = $this->
checkAccess(
'visible,write',
'edit_permission');
 
  926                        $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->WARNING);
 
  929                $this->
object->setParent((
int) $this->obj_ref_id);
 
  930                $this->
object->delete();
 
  933                $this->ctrl->returnToParent($this);
 
  946                $access = $this->
checkAccess(
'visible,write',
'edit_permission');
 
  950                        $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
 
  954                include_once 
"Services/AccessControl/classes/class.ilRbacLog.php";
 
  962                if($this->obj_ref_id == ROLE_FOLDER_ID)
 
  964                        if($a_show_admin_permissions)
 
  966                                $subs = 
$objDefinition->getSubObjectsRecursively(
'adm',
true,
true);
 
  970                                $subs = 
$objDefinition->getSubObjectsRecursively(
'root',
true,
false);
 
  978                foreach($subs as $subtype => $def)
 
  981                        $rbacadmin->deleteRolePermission($this->object->getId(),$this->obj_ref_id,$subtype);
 
  984                if (empty(
$_POST[
"template_perm"]))
 
  986                        $_POST[
"template_perm"] = array();
 
  989                foreach (
$_POST[
"template_perm"] as $key => $ops_array)
 
  992                        $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->obj_ref_id);
 
 1003                $this->
object->update();
 
 1006                if ($this->obj_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id))
 
 1008                        $rbacadmin->setProtected($this->obj_ref_id,$this->object->getId(),
ilUtil::tf2yn(
$_POST[
'protected']));
 
 1011                if($a_show_admin_permissions)
 
 1013                        $_POST[
'recursive'] = 
true;
 
 1017                if(!
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list']))
 
 1020                        if($a_show_admin_permissions)
 
 1022                                $this->ctrl->redirect($this,
'adminPerm');
 
 1026                                $this->ctrl->redirect($this,
'perm');
 
 1037                if($a_show_admin_permissions)
 
 1044                        $this->
object->changeExistingObjects(
 
 1049                                #$a_show_admin_permissions ? array('adm') : array() 
 1054                        $this->
object->changeExistingObjects(
 
 1059                                #$a_show_admin_permissions ? array('adm') : array() 
 1064                if($a_show_admin_permissions)
 
 1066                        $this->ctrl->redirect($this,
'adminPerm');
 
 1070                        $this->ctrl->redirect($this,
'perm');
 
 1083                global $rbacadmin, $rbacsystem, $rbacreview, 
$tree;
 
 1092                $access = $this->
checkAccess(
'visible,write',
'edit_permission');
 
 1095                        $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
 
 1098                if ($this->object->getId() == 
$_POST[
"adopt"])
 
 1104                        $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id);
 
 1105                        $parentRoles = $rbacreview->getParentRoleIds($this->obj_ref_id,
true);
 
 1106                        $rbacadmin->copyRoleTemplatePermissions(
 
 1108                                $parentRoles[
$_POST[
"adopt"]][
"parent"],
 
 1110                                $this->object->getId(),
 
 1114                        $this->
object->update();
 
 1117                        $obj_data =& $this->
ilias->obj_factory->getInstanceByObjId($_POST[
"adopt"]);
 
 1118                        ilUtil::sendSuccess($this->lng->txt(
"msg_perm_adopted_from1").
" '".$obj_data->getTitle().
"'.<br/>".
 
 1119                                         $this->lng->txt(
"msg_perm_adopted_from2"),
true);
 
 1122                $this->ctrl->redirect($this, 
"perm");
 
 1132        $this->assignUserObject();
 
 1144                global $rbacreview,$rbacadmin;
 
 1146                if(!$this->
checkAccess(
'edit_userassignment',
'edit_permission'))
 
 1151                if(!$rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id) &&
 
 1152                        $this->obj_ref_id != ROLE_FOLDER_ID)
 
 1159                        $GLOBALS[
'lng']->loadLanguageModule(
'search');
 
 1164                $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
 
 1167                $assigned_users_new = array_diff($a_user_ids,array_intersect($a_user_ids,$assigned_users_all));
 
 1170        if (count($assigned_users_new) == 0)
 
 1173                        $this->ctrl->redirect($this,
'userassignment');
 
 1177        foreach ($assigned_users_new as $user)
 
 1179                        $rbacadmin->assignUser($this->object->getId(),$user,
false);
 
 1183                $this->
object->update();
 
 1186                $this->ctrl->redirect($this,
'userassignment');
 
 1196        global $rbacsystem, $rbacadmin, $rbacreview;
 
 1198                if(!$this->
checkAccess(
'edit_userassignment',
'edit_permission'))
 
 1200                        $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
 
 1203        $selected_users = (
$_POST[
"user_id"]) ? 
$_POST[
"user_id"] : array(
$_GET[
"user_id"]);
 
 1205                if ($selected_users[0]=== NULL)
 
 1207                        $this->
ilias->raiseError($this->lng->txt(
"no_checkbox"),$this->
ilias->error_obj->MESSAGE);
 
 1211                if ($this->object->getId() == SYSTEM_ROLE_ID)
 
 1213            if ($admin = array_search(SYSTEM_USER_ID,$selected_users) !== 
false)
 
 1214                            unset($selected_users[$admin]);
 
 1218                $last_role = array();
 
 1219                $global_roles = $rbacreview->getGlobalRoles();
 
 1221                foreach ($selected_users as $user)
 
 1223                        $assigned_roles = $rbacreview->assignedRoles($user);
 
 1224                        $assigned_global_roles = array_intersect($assigned_roles,$global_roles);
 
 1226                        if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(),$assigned_global_roles)))
 
 1228                                $userObj = $this->
ilias->obj_factory->getInstanceByObjId($user);
 
 1229                                $last_role[$user] = $userObj->getFullName();
 
 1236                foreach ($selected_users as $user)
 
 1238                        if(!isset($last_role[$user]))
 
 1240                                $rbacadmin->deassignUser($this->object->getId(), $user);
 
 1245                $this->
object->update();
 
 1248                if(count($last_role))
 
 1250                        $user_list = implode(
", ",$last_role);
 
 1251                        ilUtil::sendFailure($this->lng->txt(
'msg_is_last_role').
': '.$user_list.
'<br />'.$this->lng->txt(
'msg_min_one_role'),
true);
 
 1257                $this->ctrl->redirect($this,
'userassignment');
 
 1268                if(!$this->
checkAccess(
'edit_userassignment',
'edit_permission'))
 
 1270                        $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
 
 1273                $this->tabs_gui->setTabActive(
'user_assignment');
 
 1275                $this->tpl->addBlockFile(
'ADM_CONTENT',
'adm_content',
'tpl.rbac_ua.html',
'Services/AccessControl');
 
 1277                include_once 
'./Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
 
 1281                include_once 
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
 
 1283                        $this->object->getId() != SYSTEM_ROLE_ID ||
 
 1285                                        !$rbacreview->isAssigned(
$ilUser->getId(),SYSTEM_ROLE_ID) or
 
 1293                        include_once 
'./Services/Search/classes/class.ilRepositorySearchGUI.php';
 
 1298                                        'auto_complete_name'    => 
$lng->txt(
'user'),
 
 1299                                        'submit_name'                   => 
$lng->txt(
'add')
 
 1310                                $this->lng->txt(
'search_user'),
 
 1311                                $this->ctrl->getLinkTargetByClass(
'ilRepositorySearchGUI',
'start')
 
 1317                        $this->lng->txt(
'role_mailto'),
 
 1318                        $this->ctrl->getLinkTarget($this,
'mailToRole')
 
 1320                $this->tpl->setVariable(
'BUTTONS_UA',$tb->getHTML());
 
 1323                include_once 
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
 
 1324                $role_assignment_editable = 
true;
 
 1326                                $this->object->getId() == SYSTEM_ROLE_ID &&
 
 1329                        $role_assignment_editable = 
false;
 
 1332                include_once 
'./Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
 
 1335                $this->tpl->setVariable(
'TABLE_UA',$ut->getHTML());
 
 1348                if (
$_GET[
"new_type"] != 
"role")
 
 1350                        $this->ctrl->redirect($this, 
"userassignment");
 
 1354                        $this->ctrl->redirectByClass(
"ilobjrolefoldergui",
"view");
 
 1361                global $rbacsystem,$rbacreview;
 
 1365                if (!is_array(
$_POST[
"role"]))
 
 1368                        $this->searchObject();
 
 1373                $this->tpl->addBlockFile(
"ADM_CONTENT", 
"adm_content", 
"tpl.role_usr_selection.html", 
"Services/AccessControl");
 
 1374                $this->
__showButton(
"searchUserForm",$this->lng->txt(
"role_new_search"));
 
 1379                foreach (
$_POST[
"role"] as $role_id)
 
 1381                        $members = array_merge($rbacreview->assignedUsers($role_id),$members);
 
 1384                $members = array_unique($members);
 
 1388                $f_result = array();
 
 1390                foreach($members as $user)
 
 1401                        $f_result[
$counter][] = $tmp_obj->getLogin();
 
 1402                        $f_result[
$counter][] = $tmp_obj->getFirstname();
 
 1403                        $f_result[
$counter][] = $tmp_obj->getLastname();
 
 1409                $this->__showSearchUserTable($f_result,$user_ids,
"listUsersRole");
 
 1417                $this->tpl->addBlockFile(
"CONTENT", 
"content", 
"tpl.adm_content.html");
 
 1418                $this->tpl->addBlockFile(
"STATUSLINE", 
"statusline", 
"tpl.statusline.html");
 
 1438                $this->tpl->setTitle($this->lng->txt(
'role'));
 
 1439                $this->tpl->setDescription($this->object->getTitle());
 
 1442                $this->
getTabs($this->tabs_gui);
 
 1451                $this->tpl->addBlockFile(
"LOCATOR", 
"locator", 
"tpl.locator.html", 
"Services/Locator");
 
 1455                foreach (
$tree->getPathFull($this->obj_ref_id) as $key => 
$row)
 
 1459                                $this->tpl->touchBlock(
'locator_separator_prefix');
 
 1462                        $this->tpl->setCurrentBlock(
"locator_item");
 
 1464                        if (
$row[
"type"] == 
'rolf')
 
 1466                                $this->tpl->setVariable(
"ITEM",$this->object->getTitle());
 
 1467                                $this->tpl->setVariable(
"LINK_ITEM",$this->ctrl->getLinkTarget($this));
 
 1469                        elseif (
$row[
"child"] != 
$tree->getRootId())
 
 1471                                $ilCtrl->setParameterByClass(
"ilrepositorygui", 
"ref_id", 
$row[
"child"]);
 
 1472                                $this->tpl->setVariable(
"ITEM", 
$row[
"title"]);
 
 1473                                $this->tpl->setVariable(
"LINK_ITEM",
 
 1474                                        $ilCtrl->getLinkTargetByClass(
"ilrepositorygui", 
""));
 
 1478                                $ilCtrl->setParameterByClass(
"ilrepositorygui", 
"ref_id", 
$row[
"child"]);
 
 1479                                $this->tpl->setVariable(
"ITEM", $this->lng->txt(
"repository"));
 
 1480                                $this->tpl->setVariable(
"LINK_ITEM",
 
 1481                                        $ilCtrl->getLinkTargetByClass(
"ilrepositorygui", 
""));
 
 1483                        $ilCtrl->setParameterByClass(
"ilrepositorygui", 
"ref_id", 
$_GET[
"ref_id"]);
 
 1485                        $this->tpl->parseCurrentBlock();
 
 1488                $this->tpl->setVariable(
"TXT_LOCATOR",$this->lng->txt(
"locator"));
 
 1489                $this->tpl->parseCurrentBlock();
 
 1500                if (
$_GET[
"admin_mode"] == 
"settings" 
 1501                        && 
$_GET[
"ref_id"] == ROLE_FOLDER_ID)   
 
 1503                        parent::addAdminLocatorItems(
true);
 
 1505                        $ilLocator->addItem($this->lng->txt(
"obj_".ilObject::_lookupType(
 
 1507                                $this->ctrl->getLinkTargetByClass(
"ilobjrolefoldergui", 
"view"));
 
 1509                        if (
$_GET[
"obj_id"] > 0)
 
 1511                                $ilLocator->addItem($this->object->getTitle(),
 
 1512                                        $this->ctrl->getLinkTarget($this, 
"view"));
 
 1526                global $rbacreview, $ilHelp;
 
 1528                $base_role_container = $rbacreview->getFoldersAssignedToRole($this->object->getId(),
true);
 
 1531                $activate_role_edit = 
false;
 
 1535                if (in_array($this->obj_ref_id,$base_role_container) ||
 
 1536                        (strtolower(
$_GET[
"baseClass"]) == 
"iladministrationgui" &&
 
 1537                        $_GET[
"admin_mode"] == 
"settings"))
 
 1539                        $activate_role_edit = 
true;
 
 1543                $this->tabs_gui->clearTargets();
 
 1545                $ilHelp->setScreenIdComponent(
"role");
 
 1547                if ($this->back_target != 
"")
 
 1549                        $this->tabs_gui->setBackTarget(
 
 1550                                $this->back_target[
"text"],$this->back_target[
"link"]);
 
 1553                if($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit)
 
 1555                        $this->tabs_gui->addTarget(
"edit_properties",
 
 1556                                $this->ctrl->getLinkTarget($this, 
"edit"), array(
"edit",
"update"), get_class($this));
 
 1572                        $this->tabs_gui->addTarget(
 
 1573                                "default_perm_settings",
 
 1574                                $this->ctrl->getLinkTarget($this, 
"perm"), array(),get_class($this)
 
 1578                if($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
 
 1580                        $this->tabs_gui->addTarget(
"user_assignment",
 
 1581                                $this->ctrl->getLinkTarget($this, 
"userassignment"),
 
 1582                                array(
"deassignUser", 
"userassignment", 
"assignUser", 
"searchUserForm", 
"search"),
 
 1586                if($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit  && $this->object->getId() != ANONYMOUS_ROLE_ID)
 
 1588                        $this->tabs_gui->addTarget(
"desktop_items",
 
 1589                                $this->ctrl->getLinkTarget($this, 
"listDesktopItems"),
 
 1590                                array(
"listDesktopItems", 
"deleteDesktopItems", 
"selectDesktopItem", 
"askDeleteDesktopItem"),
 
 1595                        $this->tabs_gui->addTarget(
 
 1597                                        $this->ctrl->getLinkTargetByClass(
'ilExportGUI'),
 
 1607                if(count($obj_ids) > 1)
 
 1609                        $_SESSION[
'mail_roles'][] = 
'#il_role_'.$this->object->getId();
 
 1613                        require_once 
'Services/Mail/classes/Address/Type/class.ilMailRoleAddressType.php';
 
 1614                        $_SESSION[
'mail_roles'][] = ilMailRoleAddressType::getRoleMailboxAddress($this->object->getId());
 
 1617        require_once 
'Services/Mail/classes/class.ilMailFormCall.php';
 
 1624                global $rbacsystem,$ilAccess;
 
 1626                $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
 
 1628                if($this->obj_ref_id == ROLE_FOLDER_ID)
 
 1630                        return $rbacsystem->checkAccess($a_perm_global,$this->obj_ref_id);
 
 1634                        return $ilAccess->checkAccess($a_perm_obj,
'',$this->obj_ref_id);
 
 1646                if(!(
int) 
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list']))
 
 1652                if($rbacreview->isProtected($this->obj_ref_id, $this->object->getId()))
 
 1656                        return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
 
 1662                        return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
 
 1672                $protected = 
$_POST[
'protected'];
 
 1674                include_once 
'./Services/Form/classes/class.ilPropertyFormGUI.php';
 
 1676                $form->setFormAction($this->ctrl->getFormAction($this,
'changeExistingObjects'));
 
 1677                $form->setTitle($this->lng->txt(
'rbac_change_existing_confirm_tbl'));
 
 1679                $form->addCommandButton(
'changeExistingObjects', $this->lng->txt(
'change_existing_objects'));
 
 1680                $form->addCommandButton(
'perm',$this->lng->txt(
'cancel'));
 
 1685                                serialize(array(
'all')) :
 
 1686                                serialize(
$_POST[
'recursive_list'])
 
 1688                $form->addItem($hidden);
 
 1696                                $this->lng->txt(
'rbac_keep_local_policies'),
 
 1698                                $this->lng->txt(
'rbac_keep_local_policies_info')
 
 1705                                $this->lng->txt(
'rbac_keep_local_policies'),
 
 1707                                $this->lng->txt(
'rbac_unprotected_keep_local_policies_info')
 
 1711                $rad->addOption($keep);
 
 1716                                $this->lng->txt(
'rbac_delete_local_policies'),
 
 1718                                $this->lng->txt(
'rbac_delete_local_policies_info')
 
 1724                                $this->lng->txt(
'rbac_delete_local_policies'),
 
 1726                                $this->lng->txt(
'rbac_unprotected_delete_local_policies_info')
 
 1729                $rad->addOption($del);
 
 1731                $form->addItem($rad);
 
 1732                $this->tpl->setContent($form->getHTML());
 
 1741                global 
$tree,$rbacreview,$rbacadmin;
 
 1743                $mode = (int) 
$_POST[
'mode'];
 
 1749                $this->ctrl->redirect($this,
'perm');
 
 1763                        case 'default_perm_settings':
 
 1764                                if($this->obj_ref_id != ROLE_FOLDER_ID)
 
 1768                                $ilTabs->addSubTabTarget(
 
 1769                                        'rbac_repository_permissions',
 
 1770                                        $this->ctrl->getLinkTarget($this,
'perm')
 
 1772                                $ilTabs->addSubTabTarget(
 
 1773                                        'rbac_admin_permissions',
 
 1774                                        $this->ctrl->getLinkTarget($this,
'adminPerm')
 
 1787                $users = (array) 
$_POST[
'user_id'];
 
 1791                        $ilCtrl->redirect($this, 
'userassignment');
 
 1793                include_once 
'./Services/User/classes/class.ilUserClipboard.php';
 
 1798                $lng->loadLanguageModule(
'user');
 
 1800                $ilCtrl->redirect($this, 
'userassignment');
 
 1811                $review = 
$DIC->rbac()->review();
 
 1812                $logger = 
$DIC->logger()->ac();
 
 1816                        !$this->object->getId() ||
 
 1817                        $this->object->getId() == ROLE_FOLDER_ID
 
 1824                $possible_roles = [];
 
 1826                        $possible_roles = $review->getRolesOfObject(
 
 1831                catch(\InvalidArgumentException $e) {
 
 1832                        $logger->warning(
'Role access check failed: ' . $e);
 
 1834                        include_once 
"Services/Object/exceptions/class.ilObjectException.php";
 
 1835                        throw new \ilObjectException($this->lng->txt(
'permission_denied'));
 
 1838                if(!in_array($this->object->getId(), $possible_roles))
 
 1840                        $logger->warning(
'Object id: ' . $this->object->getId() .
' is not accessible for ref_id: ' . $this->obj_ref_id);
 
 1841                        include_once 
"Services/Object/exceptions/class.ilObjectException.php";
 
 1842                        throw new \ilObjectException($this->lng->txt(
'permission_denied'));
 
An exception for terminatinating execution or to throw for unit testing.
const USER_FOLDER_ID
Class ilObjUserFolder.
Accordion user interface class.
TableGUI class for role administration.
Confirmation screen class.
static _isActive()
Static getter.
static _isPersonalWorkspaceActive()
Static getter.
Export User Interface Class.
static newInstance($a_export_id)
Create new instance.
static allocateExportId()
Allocate a new export id.
This class represents a non editable value in a property form.
getAdminTabs()
admin and normal tabs are equal for roles
editObject()
Edit role properties.
getTabs()
get tabs abstract method.
performDeleteRoleObject()
Delete role.
saveObject()
Save new role.
updateObject()
Save role settings.
initFormRoleProperties($a_mode)
Create role prperty form.
userassignmentObject()
display user assignment panel
showChangeExistingObjectsConfirmation()
Show confirmation screen.
ensureRoleAccessForContext()
Ensure access to role for ref_id.
__construct($a_data, $a_id, $a_call_by_reference=false, $a_prepare_output=true)
Constructor @access public.
setBackTarget($a_text, $a_link)
set back tab target
readRoleProperties(ilObjRole $role)
Read role properties and write them to form.
deassignUserObject()
de-assign users from role
permObject($a_show_admin_permissions=false)
Show template permissions.
loadRoleProperties(ilObjRole $role)
Store form input in role object.
assignSaveObject()
wrapper for renamed function
permSaveObject($a_show_admin_permissions=false)
save permissions
getParentType()
get type of current object (not role folder)
getContainerType()
Get type of role container.
addAdminLocatorItems($a_do_not_add_object=false)
should be overwritten to add object specific items (repository items are preloaded)
deleteDesktopItemsObject()
addUserObject($a_user_ids)
Assign user (callback from ilRepositorySearchGUI)
checkAccess($a_perm_global, $a_perm_obj='')
cancelObject()
cancelObject is called when an operation is canceled, method links back @access public
showDefaultPermissionSettings()
check if default permissions are shown or not
adminPermObject()
Show administration permissions.
assignDesktopItemObject()
executeCommand()
execute command
adminPermSaveObject()
Save admin permissions.
checkDuplicate($a_role_id=0)
Check if role with same name already exists in this folder.
confirmDeleteRoleObject()
Show delete confirmation screen.
createObject()
Only called from administration -> role folder ? Otherwise this check access is wrong.
getParentRefId()
Get ref id of current object (not role folder id)
isChangeExistingObjectsConfirmationRequired()
Check if a confirmation about further settings is required or not.
adoptPermSaveObject()
copy permissions from role
selectDesktopItemObject()
getParentObjId()
Get obj_id of current object.
setSubTabs($a_tab)
Set sub tabs.
addToClipboardObject()
Add selected users to user clipboard.
changeExistingObjectsObject()
Change existing objects.
askDeleteDesktopItemObject()
setAllowRegister($a_allow_register)
set allow_register of role
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
getPersonalWorkspaceDiskQuota()
getAllowRegister()
get allow_register
static _getTranslation($a_role_title)
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
static isAutoGenerated($a_role_id)
toggleAssignUsersStatus($a_assign_users)
setDiskQuota($a_disk_quota)
setPersonalWorkspaceDiskQuota($a_disk_quota)
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Class ilObjectGUI Basic methods of all Output classes.
__showButton($a_cmd, $a_text, $a_target='')
prepareOutput($a_show_subobjects=true)
prepare output
static lookupTxtById($plugin_id, $lang_var)
Table for object role permissions.
Table for object role permissions.
static _lookupObjId($a_id)
setTitle($a_title)
set object title
setDescription($a_desc)
set object description
getDescription()
get object description
getId()
get object id @access public
static _lookupType($a_id, $a_reference=false)
lookup object type
static _getIdsForTitle($title, $type='', $partialmatch=false)
getTitle()
get object title @access public
This class represents an option in a radio group.
static diffTemplate(array $a_old, array $a_new)
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
static gatherTemplate($a_role_ref_id, $a_role_id)
static fillAutoCompleteToolbar($parent_object, ilToolbarGUI $toolbar=null, $a_options=array(), $a_sticky=false)
fill toolbar with
Copyright (c) 1998-2015 ILIAS open source, Extended GPL, see docs/LICENSE Date: 07....
Table for role desktop items.
static _getInstance()
Get instance of ilSecuritySettings.
This class represents a text area property in a property form.
This class represents a text property in a property form.
static getInstance($a_usr_id)
Get singelton instance.
static formCheckbox($checked, $varname, $value, $disabled=false)
??? @access public
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
static sendQuestion($a_info="", $a_keep=false)
Send Question to Screen.
static tf2yn($a_tf)
convert true/false to "y"/"n"
static sortArray($array, $a_array_sortby, $a_array_sortorder=0, $a_numeric=false, $a_keep_keys=false)
sortArray
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
static redirect($a_script)
http redirect to other script
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static MB2Bytes($a_value)
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
static infoPanel($a_keep=true)
static Bytes2MB($a_value)
if(!is_dir( $entity_dir)) exit("Fatal Error ([A-Za-z0-9]+)\s+" &#(? foreach( $entity_files as $file) $output
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
redirection script todo: (a better solution should control the processing via a xml file)
if(!is_array($argv)) $options