4include_once
"./Services/Object/classes/class.ilObjectGUI.php";
5include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
6require_once(
'./Services/Repository/classes/class.ilObjectPlugin.php');
47 function __construct($a_data,$a_id,$a_call_by_reference =
false,$a_prepare_output =
true)
51 $lng->loadLanguageModule(
'rbac');
54 define(
"USER_FOLDER_ID",7);
59 ((int) $_REQUEST[
'rolf_ref_id'] ?
60 (
int) $_REQUEST[
'rolf_ref_id'] :
61 (int) $_REQUEST[
'ref_id']
70 parent::__construct($a_data,$a_id,$a_call_by_reference,
false);
71 $this->ctrl->saveParameter($this, array(
'obj_id',
'rolf_ref_id'));
81 $next_class = $this->ctrl->getNextClass($this);
82 $cmd = $this->ctrl->getCmd();
88 case 'ilrepositorysearchgui':
94 include_once(
'./Services/Search/classes/class.ilRepositorySearchGUI.php');
96 $rep_search->setTitle($this->lng->txt(
'role_add_user'));
97 $rep_search->setCallback($this,
'addUserObject');
100 $this->tabs_gui->setTabActive(
'user_assignment');
101 $this->ctrl->setReturn($this,
'userassignment');
102 $ret =& $this->ctrl->forwardCommand($rep_search);
107 $this->tabs_gui->setTabActive(
'export');
109 include_once
'./Services/Export/classes/class.ilExportOptions.php';
113 include_once
'./Services/Export/classes/class.ilExportGUI.php';
115 $exp->addFormat(
'xml');
116 $this->ctrl->forwardCommand($exp);
128 $cmd =
'userassignment';
172 $this->back_target = array(
"text" => $a_text,
178 return $this->back_target ? $this->back_target : array();
212 global $rbacsystem,$rbacreview;
214 if(!$rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id) &&
215 $this->obj_ref_id != ROLE_FOLDER_ID)
223 $this->
__showButton(
'selectDesktopItem',$this->lng->txt(
'role_desk_add'));
226 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItemsTableGUI.php';
228 $this->tpl->setContent(
$tbl->getHTML());
240 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
242 if(!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
244 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
246 if(!count(
$_POST[
'del_desk_item']))
255 include_once(
"./Services/Utilities/classes/class.ilConfirmationGUI.php");
257 $confirmation_gui->setFormAction($this->ctrl->getFormAction($this));
258 $confirmation_gui->setHeaderText($this->lng->txt(
'role_assigned_desk_items').
259 ' "'.$this->object->getTitle().
'": '.
260 $this->lng->txt(
'role_sure_delete_desk_items'));
261 $confirmation_gui->setCancel($this->lng->txt(
"cancel"),
"listDesktopItems");
262 $confirmation_gui->setConfirm($this->lng->txt(
"delete"),
"deleteDesktopItems");
264 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
267 foreach(
$_POST[
'del_desk_item'] as $role_item_id)
269 $item_data = $role_desk_item_obj->getItem($role_item_id);
272 if(strlen($desc = $tmp_obj->getDescription()))
274 $desc =
'<div class="il_Description_no_margin">'.$desc.
'</div>';
277 $confirmation_gui->addItem(
"del_desk_item[]", $role_item_id, $tmp_obj->getTitle().$desc);
280 $this->tpl->setContent($confirmation_gui->getHTML());
291 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
294 if (!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
296 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
299 if (!count(
$_POST[
'del_desk_item']))
308 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
312 foreach (
$_POST[
'del_desk_item'] as $role_item_id)
314 $role_desk_item_obj->delete($role_item_id);
326 global $rbacsystem,
$tree;
328 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItemSelector.php';
329 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
331 if(!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
333 #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
339 $this->tpl->addBlockFile(
"ADM_CONTENT",
"adm_content",
"tpl.role_desktop_item_selector.html",
"Services/AccessControl");
340 $this->
__showButton(
'listDesktopItems',$this->lng->txt(
'back'));
346 $exp->setExpand(
$_GET[
"role_desk_item_link_expand"] ?
$_GET[
"role_desk_item_link_expand"] :
$tree->readRootId());
347 $exp->setExpandTarget($this->ctrl->getLinkTarget($this,
'selectDesktopItem'));
352 $this->tpl->setVariable(
"EXPLORER",
$output);
362 if (!$rbacsystem->checkAccess(
'push_desktop_items',
USER_FOLDER_ID))
364 $this->
ilias->raiseError($this->lng->txt(
"permission_denied"),$this->ilias->error_obj->MESSAGE);
369 if (!isset(
$_GET[
'item_id']))
377 include_once
'Services/AccessControl/classes/class.ilRoleDesktopItem.php';
384 $this->ctrl->redirect($this,
'listDesktopItems');
395 include_once
'./Services/Form/classes/class.ilPropertyFormGUI.php';
398 if($this->creation_mode)
400 $this->ctrl->setParameter($this,
"new_type",
'role');
402 $this->form->setFormAction($this->ctrl->getFormAction($this));
407 $this->form->setTitle($this->lng->txt(
'role_new'));
408 $this->form->addCommandButton(
'save',$this->lng->txt(
'role_new'));
412 $this->form->setTitle($this->lng->txt(
'role_edit'));
413 $this->form->addCommandButton(
'update', $this->lng->txt(
'save'));
420 $this->form->addCommandButton(
'cancel', $this->lng->txt(
'cancel'));
425 $title->setDisabled(
true);
430 $title->setValidationRegexp(
'/^(?!il_).*$/');
431 $title->setValidationFailureMessage($this->lng->txt(
'msg_role_reserved_prefix'));
436 $title->setRequired(
true);
437 $this->form->addItem(
$title);
442 $desc->setDisabled(
true);
446 $this->form->addItem($desc);
448 if($a_mode != self::MODE_LOCAL_CREATE && $a_mode != self::MODE_GLOBAL_CREATE)
451 $this->form->addItem($ilias_id);
454 if($this->obj_ref_id == ROLE_FOLDER_ID)
458 #$reg->setInfo($this->lng->txt('rbac_new_acc_reg_info'));
459 $this->form->addItem($reg);
463 #$la->setInfo($this->lng->txt('rbac_local_admin_info'));
464 $this->form->addItem($la);
469 #$pro->setInfo($this->lng->txt('role_protext_permission_info'));
470 $this->form->addItem($pro);
472 include_once
'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
476 $quo->setMinValue(0);
478 $quo->setInfo($this->lng->txt(
'enter_in_mb_desc').
'<br />'.$this->lng->txt(
'disk_quota_on_role_desc'));
479 $this->form->addItem($quo);
483 $this->lng->loadLanguageModule(
"file");
484 $wquo =
new ilNumberInputGUI($this->lng->txt(
'personal_workspace_disk_quota'),
'wsp_disk_quota');
485 $wquo->setMinValue(0);
487 $wquo->setInfo($this->lng->txt(
'enter_in_mb_desc').
'<br />'.$this->lng->txt(
'disk_quota_on_role_desc'));
488 $this->form->addItem($wquo);
502 if(!$this->form->getItemByPostVar(
'title')->getDisabled())
504 $role->
setTitle($this->form->getInput(
'title'));
507 if(!$this->form->getItemByPostVar(
'desc')->getDisabled())
527 include_once
'Services/WebDAV/classes/class.ilDiskQuotaActivationChecker.php';
542 $data[
'pro'] = $rbacreview->isProtected($this->obj_ref_id, $role->
getId());
544 $this->form->setValuesByArray(
$data);
559 if(!$rbacsystem->checkAccess(
'create_role',$this->obj_ref_id))
561 $ilErr->raiseError($this->lng->txt(
'permission_denied'),
$ilErr->MESSAGE);
565 $this->tpl->setContent($this->form->getHTML());
578 $ilErr->raiseError($this->lng->txt(
"msg_no_perm_write"),
$ilErr->MESSAGE);
582 if($this->object->getId() != SYSTEM_ROLE_ID)
584 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
585 if($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id))
587 $ilToolbar->addButton(
588 $this->lng->txt(
'rbac_delete_role'),
589 $this->ctrl->getLinkTarget($this,
'confirmDeleteRole')
596 $this->tpl->setContent($this->form->getHTML());
606 global $rbacadmin,$rbacreview;
609 if($this->form->checkInput() and !$this->checkDuplicate())
611 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
613 $this->role->create();
614 $rbacadmin->assignRoleToFolder($this->role->getId(), $this->obj_ref_id,
'y');
615 $rbacadmin->setProtected(
617 $this->role->getId(),
618 $this->form->getInput(
'pro') ?
'y' :
'n'
621 $this->ctrl->setParameter($this,
'obj_id',$this->role->getId());
622 $this->ctrl->redirect($this,
'perm');
626 $this->form->setValuesByPost();
627 $this->tpl->setContent($this->form->getHTML());
650 if($this->form->checkInput() and !$this->checkDuplicate($this->object->getId()))
652 include_once
'./Services/AccessControl/classes/class.ilObjRole.php';
654 $this->
object->update();
655 $rbacadmin->setProtected(
657 $this->object->getId(),
658 $this->form->getInput(
'pro') ?
'y' :
'n'
661 $this->ctrl->redirect($this,
'edit');
665 $this->form->setValuesByPost();
666 $this->tpl->setContent($this->form->getHTML());
674 protected function permObject($a_show_admin_permissions =
false)
678 $ilTabs->setTabActive(
'default_perm_settings');
682 if($a_show_admin_permissions)
684 $ilTabs->setSubTabActive(
'rbac_admin_permissions');
688 $ilTabs->setSubTabActive(
'rbac_repository_permissions');
693 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->MESSAGE);
698 if($this->object->getId() != SYSTEM_ROLE_ID)
700 $ilToolbar->setFormAction($this->ctrl->getFormAction($this));
701 $ilToolbar->addButton(
702 $this->lng->txt(
"adopt_perm_from_template"),
703 $this->ctrl->getLinkTarget($this,
'adoptPerm')
705 if($rbacreview->isDeleteable($this->object->getId(), $this->obj_ref_id))
707 $ilToolbar->addButton(
708 $this->lng->txt(
'rbac_delete_role'),
709 $this->ctrl->getLinkTarget($this,
'confirmDeleteRole')
714 $this->tpl->addBlockFile(
717 'tpl.rbac_template_permissions.html',
718 'Services/AccessControl'
721 $this->tpl->setVariable(
'PERM_ACTION',$this->ctrl->getFormAction($this));
723 include_once
'./Services/Accordion/classes/class.ilAccordionGUI.php';
728 if($this->obj_ref_id == ROLE_FOLDER_ID)
730 if($a_show_admin_permissions)
732 $subs =
$objDefinition->getSubObjectsRecursively(
'adm',
true,
true);
736 $subs =
$objDefinition->getSubObjectsRecursively(
'root',
true,$a_show_admin_permissions);
745 foreach($subs as $subtype => $def)
753 $translation = $this->lng->txt(
"obj_".$subtype);
757 $translation = $this->lng->txt(
'objs_'.$subtype);
760 $sorted[$subtype] = $def;
761 $sorted[$subtype][
'translation'] = $translation;
766 foreach($sorted as $subtype => $def)
774 $translation = $this->lng->txt(
"obj_".$subtype);
778 $translation = $this->lng->txt(
'objs_'.$subtype);
781 include_once
'Services/AccessControl/classes/class.ilObjectRoleTemplatePermissionTableGUI.php';
786 $this->object->getId(),
788 $a_show_admin_permissions
792 $acc->addItem($translation,
$tbl->getHTML());
795 $this->tpl->setVariable(
'ACCORDION',$acc->getHTML());
798 include_once
'./Services/AccessControl/classes/class.ilObjectRoleTemplateOptionsTableGUI.php';
803 $this->object->getId(),
804 $a_show_admin_permissions
806 if($this->object->getId() != SYSTEM_ROLE_ID)
809 $a_show_admin_permissions ?
'adminPermSave' :
'permSave',
810 $this->lng->txt(
'save')
815 $this->tpl->setVariable(
'OPTIONS_TABLE',
$options->getHTML());
842 $parent_role_ids = $rbacreview->getParentRoleIds($this->obj_ref_id,
true);
844 foreach($parent_role_ids as $id => $tmp)
851 foreach($sorted_ids as $id)
853 $par = $parent_role_ids[$id];
854 if ($par[
"obj_id"] != SYSTEM_ROLE_ID && $this->object->getId() != $par[
"obj_id"])
856 $output[$key][
"role_id"] = $par[
"obj_id"];
857 $output[$key][
"type"] = ($par[
"type"] ==
'role' ? $this->lng->txt(
'obj_role') : $this->lng->txt(
'obj_rolt'));
859 $output[$key][
"role_desc"] = $par[
"desc"];
865 include_once(
'./Services/AccessControl/classes/class.ilRoleAdoptPermissionTableGUI.php');
868 $tbl->setTitle($this->lng->txt(
"adopt_perm_from_template"));
871 $this->tpl->setContent(
$tbl->getHTML());
882 $access = $this->
checkAccess(
'visible,write',
'edit_permission');
885 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->WARNING);
888 $question = $this->lng->txt(
'rbac_role_delete_qst');
889 if($rbacreview->isAssigned(
$ilUser->getId(), $this->object->getId()))
891 $question .= (
'<br />'.$this->lng->txt(
'rbac_role_delete_self'));
895 include_once
'./Services/Utilities/classes/class.ilConfirmationGUI.php';
898 $confirm->setFormAction($this->ctrl->getFormAction($this));
899 $confirm->setHeaderText($question);
900 $confirm->setCancel($this->lng->txt(
'cancel'),
'perm');
901 $confirm->setConfirm($this->lng->txt(
'rbac_delete_role'),
'performDeleteRole');
905 $this->object->getId(),
906 $this->object->getTitle(),
910 $this->tpl->setContent($confirm->getHTML());
923 $access = $this->
checkAccess(
'visible,write',
'edit_permission');
926 $ilErr->raiseError($this->lng->txt(
'msg_no_perm_perm'),
$ilErr->WARNING);
929 $this->
object->setParent((
int) $this->obj_ref_id);
930 $this->
object->delete();
933 $this->ctrl->returnToParent($this);
946 $access = $this->
checkAccess(
'visible,write',
'edit_permission');
950 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
954 include_once
"Services/AccessControl/classes/class.ilRbacLog.php";
962 if($this->obj_ref_id == ROLE_FOLDER_ID)
964 if($a_show_admin_permissions)
966 $subs =
$objDefinition->getSubObjectsRecursively(
'adm',
true,
true);
970 $subs =
$objDefinition->getSubObjectsRecursively(
'root',
true,
false);
978 foreach($subs as $subtype => $def)
981 $rbacadmin->deleteRolePermission($this->object->getId(),$this->obj_ref_id,$subtype);
984 if (empty(
$_POST[
"template_perm"]))
986 $_POST[
"template_perm"] = array();
989 foreach (
$_POST[
"template_perm"] as $key => $ops_array)
992 $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->obj_ref_id);
1003 $this->
object->update();
1006 if ($this->obj_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id))
1008 $rbacadmin->setProtected($this->obj_ref_id,$this->object->getId(),
ilUtil::tf2yn(
$_POST[
'protected']));
1011 if($a_show_admin_permissions)
1013 $_POST[
'recursive'] =
true;
1017 if(!
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list']))
1020 if($a_show_admin_permissions)
1022 $this->ctrl->redirect($this,
'adminPerm');
1026 $this->ctrl->redirect($this,
'perm');
1037 if($a_show_admin_permissions)
1044 $this->
object->changeExistingObjects(
1049 #$a_show_admin_permissions ? array('adm') : array()
1054 $this->
object->changeExistingObjects(
1059 #$a_show_admin_permissions ? array('adm') : array()
1064 if($a_show_admin_permissions)
1066 $this->ctrl->redirect($this,
'adminPerm');
1070 $this->ctrl->redirect($this,
'perm');
1083 global $rbacadmin, $rbacsystem, $rbacreview,
$tree;
1092 $access = $this->
checkAccess(
'visible,write',
'edit_permission');
1095 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
1098 if ($this->object->getId() ==
$_POST[
"adopt"])
1104 $rbacadmin->deleteRolePermission($this->object->getId(), $this->obj_ref_id);
1105 $parentRoles = $rbacreview->getParentRoleIds($this->obj_ref_id,
true);
1106 $rbacadmin->copyRoleTemplatePermissions(
1108 $parentRoles[
$_POST[
"adopt"]][
"parent"],
1110 $this->object->getId(),
1114 $this->
object->update();
1117 $obj_data =& $this->
ilias->obj_factory->getInstanceByObjId($_POST[
"adopt"]);
1118 ilUtil::sendSuccess($this->lng->txt(
"msg_perm_adopted_from1").
" '".$obj_data->getTitle().
"'.<br/>".
1119 $this->lng->txt(
"msg_perm_adopted_from2"),
true);
1122 $this->ctrl->redirect($this,
"perm");
1132 $this->assignUserObject();
1144 global $rbacreview,$rbacadmin;
1146 if(!$this->
checkAccess(
'edit_userassignment',
'edit_permission'))
1151 if(!$rbacreview->isAssignable($this->object->getId(),$this->obj_ref_id) &&
1152 $this->obj_ref_id != ROLE_FOLDER_ID)
1159 $GLOBALS[
'lng']->loadLanguageModule(
'search');
1164 $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
1167 $assigned_users_new = array_diff($a_user_ids,array_intersect($a_user_ids,$assigned_users_all));
1170 if (count($assigned_users_new) == 0)
1173 $this->ctrl->redirect($this,
'userassignment');
1177 foreach ($assigned_users_new as $user)
1179 $rbacadmin->assignUser($this->object->getId(),$user,
false);
1183 $this->
object->update();
1186 $this->ctrl->redirect($this,
'userassignment');
1196 global $rbacsystem, $rbacadmin, $rbacreview;
1198 if(!$this->
checkAccess(
'edit_userassignment',
'edit_permission'))
1200 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1203 $selected_users = (
$_POST[
"user_id"]) ?
$_POST[
"user_id"] : array(
$_GET[
"user_id"]);
1205 if ($selected_users[0]=== NULL)
1207 $this->
ilias->raiseError($this->lng->txt(
"no_checkbox"),$this->
ilias->error_obj->MESSAGE);
1211 if ($this->object->getId() == SYSTEM_ROLE_ID)
1213 if ($admin = array_search(SYSTEM_USER_ID,$selected_users) !==
false)
1214 unset($selected_users[$admin]);
1218 $last_role = array();
1219 $global_roles = $rbacreview->getGlobalRoles();
1221 foreach ($selected_users as $user)
1223 $assigned_roles = $rbacreview->assignedRoles($user);
1224 $assigned_global_roles = array_intersect($assigned_roles,$global_roles);
1226 if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(),$assigned_global_roles)))
1228 $userObj = $this->
ilias->obj_factory->getInstanceByObjId($user);
1229 $last_role[$user] = $userObj->getFullName();
1236 foreach ($selected_users as $user)
1238 if(!isset($last_role[$user]))
1240 $rbacadmin->deassignUser($this->object->getId(), $user);
1245 $this->
object->update();
1248 if(count($last_role))
1250 $user_list = implode(
", ",$last_role);
1251 ilUtil::sendFailure($this->lng->txt(
'msg_is_last_role').
': '.$user_list.
'<br />'.$this->lng->txt(
'msg_min_one_role'),
true);
1257 $this->ctrl->redirect($this,
'userassignment');
1268 if(!$this->
checkAccess(
'edit_userassignment',
'edit_permission'))
1270 $this->
ilias->raiseError($this->lng->txt(
"msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
1273 $this->tabs_gui->setTabActive(
'user_assignment');
1275 $this->tpl->addBlockFile(
'ADM_CONTENT',
'adm_content',
'tpl.rbac_ua.html',
'Services/AccessControl');
1277 include_once
'./Services/UIComponent/Toolbar/classes/class.ilToolbarGUI.php';
1281 include_once
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1283 $this->object->getId() != SYSTEM_ROLE_ID ||
1285 !$rbacreview->isAssigned(
$ilUser->getId(),SYSTEM_ROLE_ID) or
1293 include_once
'./Services/Search/classes/class.ilRepositorySearchGUI.php';
1298 'auto_complete_name' =>
$lng->txt(
'user'),
1299 'submit_name' =>
$lng->txt(
'add')
1310 $this->lng->txt(
'search_user'),
1311 $this->ctrl->getLinkTargetByClass(
'ilRepositorySearchGUI',
'start')
1317 $this->lng->txt(
'role_mailto'),
1318 $this->ctrl->getLinkTarget($this,
'mailToRole')
1320 $this->tpl->setVariable(
'BUTTONS_UA',$tb->getHTML());
1323 include_once
'./Services/PrivacySecurity/classes/class.ilSecuritySettings.php';
1324 $role_assignment_editable =
true;
1326 $this->object->getId() == SYSTEM_ROLE_ID &&
1329 $role_assignment_editable =
false;
1332 include_once
'./Services/AccessControl/classes/class.ilAssignedUsersTableGUI.php';
1335 $this->tpl->setVariable(
'TABLE_UA',$ut->getHTML());
1348 if (
$_GET[
"new_type"] !=
"role")
1350 $this->ctrl->redirect($this,
"userassignment");
1354 $this->ctrl->redirectByClass(
"ilobjrolefoldergui",
"view");
1361 global $rbacsystem,$rbacreview;
1365 if (!is_array(
$_POST[
"role"]))
1368 $this->searchObject();
1373 $this->tpl->addBlockFile(
"ADM_CONTENT",
"adm_content",
"tpl.role_usr_selection.html",
"Services/AccessControl");
1374 $this->
__showButton(
"searchUserForm",$this->lng->txt(
"role_new_search"));
1379 foreach (
$_POST[
"role"] as $role_id)
1381 $members = array_merge($rbacreview->assignedUsers($role_id),$members);
1384 $members = array_unique($members);
1388 $f_result = array();
1390 foreach($members as $user)
1401 $f_result[
$counter][] = $tmp_obj->getLogin();
1402 $f_result[
$counter][] = $tmp_obj->getFirstname();
1403 $f_result[
$counter][] = $tmp_obj->getLastname();
1409 $this->__showSearchUserTable($f_result,$user_ids,
"listUsersRole");
1417 $this->tpl->addBlockFile(
"CONTENT",
"content",
"tpl.adm_content.html");
1418 $this->tpl->addBlockFile(
"STATUSLINE",
"statusline",
"tpl.statusline.html");
1438 $this->tpl->setTitle($this->lng->txt(
'role'));
1439 $this->tpl->setDescription($this->object->getTitle());
1442 $this->
getTabs($this->tabs_gui);
1451 $this->tpl->addBlockFile(
"LOCATOR",
"locator",
"tpl.locator.html",
"Services/Locator");
1455 foreach (
$tree->getPathFull($this->obj_ref_id) as $key =>
$row)
1459 $this->tpl->touchBlock(
'locator_separator_prefix');
1462 $this->tpl->setCurrentBlock(
"locator_item");
1464 if (
$row[
"type"] ==
'rolf')
1466 $this->tpl->setVariable(
"ITEM",$this->object->getTitle());
1467 $this->tpl->setVariable(
"LINK_ITEM",$this->ctrl->getLinkTarget($this));
1469 elseif (
$row[
"child"] !=
$tree->getRootId())
1471 $ilCtrl->setParameterByClass(
"ilrepositorygui",
"ref_id",
$row[
"child"]);
1472 $this->tpl->setVariable(
"ITEM",
$row[
"title"]);
1473 $this->tpl->setVariable(
"LINK_ITEM",
1474 $ilCtrl->getLinkTargetByClass(
"ilrepositorygui",
""));
1478 $ilCtrl->setParameterByClass(
"ilrepositorygui",
"ref_id",
$row[
"child"]);
1479 $this->tpl->setVariable(
"ITEM", $this->lng->txt(
"repository"));
1480 $this->tpl->setVariable(
"LINK_ITEM",
1481 $ilCtrl->getLinkTargetByClass(
"ilrepositorygui",
""));
1483 $ilCtrl->setParameterByClass(
"ilrepositorygui",
"ref_id",
$_GET[
"ref_id"]);
1485 $this->tpl->parseCurrentBlock();
1488 $this->tpl->setVariable(
"TXT_LOCATOR",$this->lng->txt(
"locator"));
1489 $this->tpl->parseCurrentBlock();
1500 if (
$_GET[
"admin_mode"] ==
"settings"
1501 &&
$_GET[
"ref_id"] == ROLE_FOLDER_ID)
1503 parent::addAdminLocatorItems(
true);
1505 $ilLocator->addItem($this->lng->txt(
"obj_".ilObject::_lookupType(
1507 $this->ctrl->getLinkTargetByClass(
"ilobjrolefoldergui",
"view"));
1509 if (
$_GET[
"obj_id"] > 0)
1511 $ilLocator->addItem($this->object->getTitle(),
1512 $this->ctrl->getLinkTarget($this,
"view"));
1526 global $rbacreview, $ilHelp;
1528 $base_role_container = $rbacreview->getFoldersAssignedToRole($this->object->getId(),
true);
1531 $activate_role_edit =
false;
1535 if (in_array($this->obj_ref_id,$base_role_container) ||
1536 (strtolower(
$_GET[
"baseClass"]) ==
"iladministrationgui" &&
1537 $_GET[
"admin_mode"] ==
"settings"))
1539 $activate_role_edit =
true;
1543 $this->tabs_gui->clearTargets();
1545 $ilHelp->setScreenIdComponent(
"role");
1547 if ($this->back_target !=
"")
1549 $this->tabs_gui->setBackTarget(
1550 $this->back_target[
"text"],$this->back_target[
"link"]);
1553 if($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit)
1555 $this->tabs_gui->addTarget(
"edit_properties",
1556 $this->ctrl->getLinkTarget($this,
"edit"), array(
"edit",
"update"), get_class($this));
1572 $this->tabs_gui->addTarget(
1573 "default_perm_settings",
1574 $this->ctrl->getLinkTarget($this,
"perm"), array(),get_class($this)
1578 if($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
1580 $this->tabs_gui->addTarget(
"user_assignment",
1581 $this->ctrl->getLinkTarget($this,
"userassignment"),
1582 array(
"deassignUser",
"userassignment",
"assignUser",
"searchUserForm",
"search"),
1586 if($this->
checkAccess(
'write',
'edit_permission') && $activate_role_edit && $this->object->getId() != ANONYMOUS_ROLE_ID)
1588 $this->tabs_gui->addTarget(
"desktop_items",
1589 $this->ctrl->getLinkTarget($this,
"listDesktopItems"),
1590 array(
"listDesktopItems",
"deleteDesktopItems",
"selectDesktopItem",
"askDeleteDesktopItem"),
1595 $this->tabs_gui->addTarget(
1597 $this->ctrl->getLinkTargetByClass(
'ilExportGUI'),
1607 if(count($obj_ids) > 1)
1609 $_SESSION[
'mail_roles'][] =
'#il_role_'.$this->object->getId();
1613 require_once
'Services/Mail/classes/Address/Type/class.ilMailRoleAddressType.php';
1614 $_SESSION[
'mail_roles'][] = ilMailRoleAddressType::getRoleMailboxAddress($this->object->getId());
1617 require_once
'Services/Mail/classes/class.ilMailFormCall.php';
1624 global $rbacsystem,$ilAccess;
1626 $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
1628 if($this->obj_ref_id == ROLE_FOLDER_ID)
1630 return $rbacsystem->checkAccess($a_perm_global,$this->obj_ref_id);
1634 return $ilAccess->checkAccess($a_perm_obj,
'',$this->obj_ref_id);
1646 if(!(
int)
$_POST[
'recursive'] and !is_array(
$_POST[
'recursive_list']))
1652 if($rbacreview->isProtected($this->obj_ref_id, $this->object->getId()))
1656 return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1662 return count($rbacreview->getFoldersAssignedToRole($this->object->getId())) > 1;
1672 $protected =
$_POST[
'protected'];
1674 include_once
'./Services/Form/classes/class.ilPropertyFormGUI.php';
1676 $form->setFormAction($this->ctrl->getFormAction($this,
'changeExistingObjects'));
1677 $form->setTitle($this->lng->txt(
'rbac_change_existing_confirm_tbl'));
1679 $form->addCommandButton(
'changeExistingObjects', $this->lng->txt(
'change_existing_objects'));
1680 $form->addCommandButton(
'perm',$this->lng->txt(
'cancel'));
1685 serialize(array(
'all')) :
1686 serialize(
$_POST[
'recursive_list'])
1688 $form->addItem($hidden);
1696 $this->lng->txt(
'rbac_keep_local_policies'),
1698 $this->lng->txt(
'rbac_keep_local_policies_info')
1705 $this->lng->txt(
'rbac_keep_local_policies'),
1707 $this->lng->txt(
'rbac_unprotected_keep_local_policies_info')
1711 $rad->addOption($keep);
1716 $this->lng->txt(
'rbac_delete_local_policies'),
1718 $this->lng->txt(
'rbac_delete_local_policies_info')
1724 $this->lng->txt(
'rbac_delete_local_policies'),
1726 $this->lng->txt(
'rbac_unprotected_delete_local_policies_info')
1729 $rad->addOption($del);
1731 $form->addItem($rad);
1732 $this->tpl->setContent($form->getHTML());
1741 global
$tree,$rbacreview,$rbacadmin;
1743 $mode = (int)
$_POST[
'mode'];
1749 $this->ctrl->redirect($this,
'perm');
1763 case 'default_perm_settings':
1764 if($this->obj_ref_id != ROLE_FOLDER_ID)
1768 $ilTabs->addSubTabTarget(
1769 'rbac_repository_permissions',
1770 $this->ctrl->getLinkTarget($this,
'perm')
1772 $ilTabs->addSubTabTarget(
1773 'rbac_admin_permissions',
1774 $this->ctrl->getLinkTarget($this,
'adminPerm')
1787 $users = (array)
$_POST[
'user_id'];
1791 $ilCtrl->redirect($this,
'userassignment');
1793 include_once
'./Services/User/classes/class.ilUserClipboard.php';
1798 $lng->loadLanguageModule(
'user');
1800 $ilCtrl->redirect($this,
'userassignment');
1811 $review =
$DIC->rbac()->review();
1812 $logger =
$DIC->logger()->ac();
1816 !$this->object->getId() ||
1817 $this->object->getId() == ROLE_FOLDER_ID
1824 $possible_roles = [];
1826 $possible_roles = $review->getRolesOfObject(
1831 catch(\InvalidArgumentException $e) {
1832 $logger->warning(
'Role access check failed: ' . $e);
1834 include_once
"Services/Object/exceptions/class.ilObjectException.php";
1835 throw new \ilObjectException($this->lng->txt(
'permission_denied'));
1838 if(!in_array($this->object->getId(), $possible_roles))
1840 $logger->warning(
'Object id: ' . $this->object->getId() .
' is not accessible for ref_id: ' . $this->obj_ref_id);
1841 include_once
"Services/Object/exceptions/class.ilObjectException.php";
1842 throw new \ilObjectException($this->lng->txt(
'permission_denied'));
An exception for terminatinating execution or to throw for unit testing.
const USER_FOLDER_ID
Class ilObjUserFolder.
Accordion user interface class.
TableGUI class for role administration.
Confirmation screen class.
static _isActive()
Static getter.
static _isPersonalWorkspaceActive()
Static getter.
Export User Interface Class.
static newInstance($a_export_id)
Create new instance.
static allocateExportId()
Allocate a new export id.
This class represents a non editable value in a property form.
getAdminTabs()
admin and normal tabs are equal for roles
editObject()
Edit role properties.
getTabs()
get tabs abstract method.
performDeleteRoleObject()
Delete role.
saveObject()
Save new role.
updateObject()
Save role settings.
initFormRoleProperties($a_mode)
Create role prperty form.
userassignmentObject()
display user assignment panel
showChangeExistingObjectsConfirmation()
Show confirmation screen.
ensureRoleAccessForContext()
Ensure access to role for ref_id.
__construct($a_data, $a_id, $a_call_by_reference=false, $a_prepare_output=true)
Constructor @access public.
setBackTarget($a_text, $a_link)
set back tab target
readRoleProperties(ilObjRole $role)
Read role properties and write them to form.
deassignUserObject()
de-assign users from role
permObject($a_show_admin_permissions=false)
Show template permissions.
loadRoleProperties(ilObjRole $role)
Store form input in role object.
assignSaveObject()
wrapper for renamed function
permSaveObject($a_show_admin_permissions=false)
save permissions
getParentType()
get type of current object (not role folder)
getContainerType()
Get type of role container.
addAdminLocatorItems($a_do_not_add_object=false)
should be overwritten to add object specific items (repository items are preloaded)
deleteDesktopItemsObject()
addUserObject($a_user_ids)
Assign user (callback from ilRepositorySearchGUI)
checkAccess($a_perm_global, $a_perm_obj='')
cancelObject()
cancelObject is called when an operation is canceled, method links back @access public
showDefaultPermissionSettings()
check if default permissions are shown or not
adminPermObject()
Show administration permissions.
assignDesktopItemObject()
executeCommand()
execute command
adminPermSaveObject()
Save admin permissions.
checkDuplicate($a_role_id=0)
Check if role with same name already exists in this folder.
confirmDeleteRoleObject()
Show delete confirmation screen.
createObject()
Only called from administration -> role folder ? Otherwise this check access is wrong.
getParentRefId()
Get ref id of current object (not role folder id)
isChangeExistingObjectsConfirmationRequired()
Check if a confirmation about further settings is required or not.
adoptPermSaveObject()
copy permissions from role
selectDesktopItemObject()
getParentObjId()
Get obj_id of current object.
setSubTabs($a_tab)
Set sub tabs.
addToClipboardObject()
Add selected users to user clipboard.
changeExistingObjectsObject()
Change existing objects.
askDeleteDesktopItemObject()
setAllowRegister($a_allow_register)
set allow_register of role
const MODE_UNPROTECTED_KEEP_LOCAL_POLICIES
const MODE_PROTECTED_DELETE_LOCAL_POLICIES
const MODE_UNPROTECTED_DELETE_LOCAL_POLICIES
getPersonalWorkspaceDiskQuota()
getAllowRegister()
get allow_register
static _getTranslation($a_role_title)
const MODE_PROTECTED_KEEP_LOCAL_POLICIES
static isAutoGenerated($a_role_id)
toggleAssignUsersStatus($a_assign_users)
setDiskQuota($a_disk_quota)
setPersonalWorkspaceDiskQuota($a_disk_quota)
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
static getInstanceByRefId($a_ref_id, $stop_on_error=true)
get an instance of an Ilias object by reference id
Class ilObjectGUI Basic methods of all Output classes.
__showButton($a_cmd, $a_text, $a_target='')
prepareOutput($a_show_subobjects=true)
prepare output
static lookupTxtById($plugin_id, $lang_var)
Table for object role permissions.
Table for object role permissions.
static _lookupObjId($a_id)
setTitle($a_title)
set object title
setDescription($a_desc)
set object description
getDescription()
get object description
getId()
get object id @access public
static _lookupType($a_id, $a_reference=false)
lookup object type
static _getIdsForTitle($title, $type='', $partialmatch=false)
getTitle()
get object title @access public
This class represents an option in a radio group.
static diffTemplate(array $a_old, array $a_new)
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
static gatherTemplate($a_role_ref_id, $a_role_id)
static fillAutoCompleteToolbar($parent_object, ilToolbarGUI $toolbar=null, $a_options=array(), $a_sticky=false)
fill toolbar with
Copyright (c) 1998-2015 ILIAS open source, Extended GPL, see docs/LICENSE Date: 07....
Table for role desktop items.
static _getInstance()
Get instance of ilSecuritySettings.
This class represents a text area property in a property form.
This class represents a text property in a property form.
static getInstance($a_usr_id)
Get singelton instance.
static formCheckbox($checked, $varname, $value, $disabled=false)
??? @access public
static _sortIds($a_ids, $a_table, $a_field, $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,...
static sendQuestion($a_info="", $a_keep=false)
Send Question to Screen.
static tf2yn($a_tf)
convert true/false to "y"/"n"
static sortArray($array, $a_array_sortby, $a_array_sortorder=0, $a_numeric=false, $a_keep_keys=false)
sortArray
static sendSuccess($a_info="", $a_keep=false)
Send Success Message to Screen.
static redirect($a_script)
http redirect to other script
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
static MB2Bytes($a_value)
static sendInfo($a_info="", $a_keep=false)
Send Info Message to Screen.
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
static infoPanel($a_keep=true)
static Bytes2MB($a_value)
if(!is_dir( $entity_dir)) exit("Fatal Error ([A-Za-z0-9]+)\s+" &#(? foreach( $entity_files as $file) $output
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
redirection script todo: (a better solution should control the processing via a xml file)
if(!is_array($argv)) $options